PT-2021-13741 · Sonicwall · Sma 200+5
Published
2021-12-08
·
Updated
2023-03-10
·
CVE-2021-20045
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
SMA100 sonicfiles versions (affected versions not specified)
SMA 200
SMA 210
SMA 400
SMA 410
SMA 500v
Description:
A buffer overflow vulnerability in the
RAC COPY TO method, specifically with RacNumber 36, allows a remote unauthenticated attacker to potentially execute code as the 'nobody' user in the appliance.Recommendations:
For SMA100 sonicfiles, consider disabling the
RAC COPY TO method until a patch is available.
For SMA 200, update to a version that fixes the buffer overflow vulnerability in the RAC COPY TO method.
For SMA 210, update to a version that fixes the buffer overflow vulnerability in the RAC COPY TO method.
For SMA 400, update to a version that fixes the buffer overflow vulnerability in the RAC COPY TO method.
For SMA 410, update to a version that fixes the buffer overflow vulnerability in the RAC COPY TO method.
For SMA 500v, update to a version that fixes the buffer overflow vulnerability in the RAC COPY TO method.Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sma 200
Sma 210
Sma 400
Sma 410
Sma 500V
Sma100