SonicWall Authenticated SMA100 Arbitrary Command Injection Vulnerability Is Been Exploited (CVE-2021-20035)

April 19, 2025 Jason Davies 101 Views 0 Comments Arbitrary Command Injection Vulnerability, CVE-2021-20035, Cyber Security, SonicWall 0 min read

CVE number – CVE-2021-20035

Improper neutralization of special elements in the SMA100 management interface allows a remote authenticated attacker to inject arbitrary commands as a ‘nobody’ user, which could potentially lead to code execution.

This vulnerability is potentially being exploited in the wild.

Affected Versions

9.0.0.10-28sv and earlier

10.2.0.7-34sv and earlier

10.2.1.0-17sv and earlier

Further information – https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0022

Jason Davies

I am one of the editors here at www.systemtek.co.uk I am a UK based technology professional, with an interest in computer security and telecoms.

SonicWall Authenticated SMA100 Arbitrary Command Injection Vulnerability Is Been Exploited (CVE-2021-20035)

Like this:

Related Posts

Jason Davies

Leave a ReplyCancel reply

Share this:

Like this:

Related Posts

Jason Davies

Leave a ReplyCancel reply