Every CVE whose affected-product data names Sonicwall Sonicos, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (68)
CVE-2019-12255 — CVSS 9.8 (critical): Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4). This is a IPNET security vulnerability: TCP Urgent Pointer =…
CVE-2022-22274 — CVSS 9.8 (critical): A Stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote unauthenticated attacker to cause Denial of…
CVE-2019-12256 — CVSS 9.8 (critical): Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component. There is an IPNET security vulnerability: Stack overflow in the…
CVE-2025-40600 — CVSS 9.8 (critical): Use of Externally-Controlled Format String vulnerability in the SonicOS SSL VPN interface allows a remote unauthenticated attacker to cause…
CVE-2019-12260 — CVSS 9.8 (critical): Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4). This is an IPNET security vulnerability: TCP…
CVE-2019-12261 — CVSS 9.8 (critical): Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4). This is an IPNET security…
CVE-2019-7475 — CVSS 9.8 (critical): A vulnerability in SonicWall SonicOS and SonicOSv with management enabled system on specific configuration allow unprivileged user to…
CVE-2024-22394 — CVSS 9.8 (critical): An improper authentication vulnerability has been identified in SonicWall SonicOS SSL-VPN feature, which in specific conditions could allow…
CVE-2024-3596 — CVSS 9.0 (critical): RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept…
CVE-2021-20046 — CVSS 8.8 (high): A Stack-based buffer overflow in the SonicOS HTTP Content-Length response header allows a remote authenticated attacker to cause Denial of…
CVE-2021-20048 — CVSS 8.8 (high): A Stack-based buffer overflow in the SonicOS SessionID HTTP response header allows a remote authenticated attacker to cause Denial of…
CVE-2023-1101 — CVSS 8.8 (high): SonicOS SSLVPN improper restriction of excessive MFA attempts vulnerability allows an authenticated attacker to use excessive MFA codes.
CVE-2019-12257 — CVSS 8.8 (high): Wind River VxWorks 6.6 through 6.9 has a Buffer Overflow in the DHCP client component. There is an IPNET security vulnerability: Heap…
CVE-2023-41715 — CVSS 8.8 (high): SonicOS post-authentication Improper Privilege Management vulnerability in the SonicOS SSL VPN Tunnel allows users to elevate their…
CVE-2019-12263 — CVSS 8.1 (high): Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component (issue 4 of 4). There is an IPNET security vulnerability: TCP…
CVE-2026-0204 — CVSS 8.0 (high): A vulnerability in the access control mechanism of SonicOS may allow certain management interface functions to be accessible under specific…
CVE-2019-7487 — CVSS 7.8 (high): Installation of the SonicOS SSLVPN NACagent 3.5 on the Windows operating system, an autorun value is created does not put the path in…
CVE-2025-40601 — CVSS 7.5 (high): A Stack-based buffer overflow vulnerability in the SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of…
CVE-2019-12258 — CVSS 7.5 (high): Wind River VxWorks 6.6 through vx7 has Session Fixation in the TCP component. This is a IPNET security vulnerability: DoS of TCP connection…
CVE-2019-12259 — CVSS 7.5 (high): Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error in the IGMPv3 client component. There is an IPNET security…
CVE-2019-7477 — CVSS 7.5 (high): A vulnerability in SonicWall SonicOS and SonicOSv TLS CBC Cipher allow remote attackers to obtain sensitive plaintext data when CBC cipher…
CVE-2020-5133 — CVSS 7.5 (high): A vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service due to buffer overflow, which leads to a…
CVE-2020-5137 — CVSS 7.5 (high): A buffer overflow vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN…
CVE-2020-5138 — CVSS 7.5 (high): A Heap Overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall…
CVE-2020-5139 — CVSS 7.5 (high): A vulnerability in SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service (DoS) due to the release of…
CVE-2020-5140 — CVSS 7.5 (high): A vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service by…
CVE-2021-20019 — CVSS 7.5 (high): A vulnerability in SonicOS where the HTTP server response leaks partial memory by sending a crafted HTTP request, this can potentially lead…
CVE-2021-20027 — CVSS 7.5 (high): A buffer overflow vulnerability in SonicOS allows a remote attacker to cause a Denial of Service (DoS) by sending a specially crafted…
CVE-2022-22275 — CVSS 7.5 (high): Improper Restriction of TCP Communication Channel in HTTP/S inbound traffic from WAN to DMZ bypassing security policy until TCP handshake…
CVE-2023-0656 — CVSS 7.5 (high): A Stack-based buffer overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS), which…
CVE-2024-29012 — CVSS 7.5 (high): Stack-based buffer overflow vulnerability in the SonicOS HTTP server allows an authenticated remote attacker to cause Denial of Service…
CVE-2024-40764 — CVSS 7.5 (high): Heap-based buffer overflow vulnerability in the SonicOS IPSec VPN allows an unauthenticated remote attacker to cause Denial of Service…
CVE-2021-3450 — CVSS 7.4 (high): The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by…
CVE-2019-7479 — CVSS 7.2 (high): A vulnerability in SonicOS allow authenticated read-only admin can elevate permissions to configuration mode. This vulnerability affected…
CVE-2026-0205 — CVSS 6.8 (medium): A post-authentication Path Traversal vulnerability in SonicOS allows an attacker to interact with usually restricted services.
CVE-2020-5141 — CVSS 6.5 (medium): A vulnerability in SonicOS allows a remote unauthenticated attacker to brute force Virtual Assist ticket ID in the firewall SSLVPN service…
CVE-2023-39276 — CVSS 6.5 (medium): SonicOS post-authentication stack-based buffer overflow vulnerability in the getBookmarkList.json URL endpoint leads to a firewall crash.
CVE-2023-39277 — CVSS 6.5 (medium): SonicOS post-authentication stack-based buffer overflow vulnerability in the sonicflow.csv and appflowsessions.csv URL endpoints leads to a…
CVE-2023-39278 — CVSS 6.5 (medium): SonicOS post-authentication user assertion failure leads to Stack-Based Buffer Overflow vulnerability via main.cgi leads to a firewall…
CVE-2023-39279 — CVSS 6.5 (medium): SonicOS post-authentication Stack-Based Buffer Overflow vulnerability in the getPacketReplayData.json URL endpoint leads to a firewall…
CVE-2023-39280 — CVSS 6.5 (medium): SonicOS p ost-authentication Stack-Based Buffer Overflow vulnerability in the ssoStats-s.xml, ssoStats-s.wri URL endpoints leads to a…
CVE-2023-41711 — CVSS 6.5 (medium): SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the sonicwall.exp, prefs.exp URL endpoints lead to a firewall…
CVE-2023-41712 — CVSS 6.5 (medium): SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the SSL VPN plainprefs.exp URL endpoint leads to a firewall crash.
CVE-2019-7474 — CVSS 6.5 (medium): A vulnerability in SonicWall SonicOS and SonicOSv, allow authenticated read-only admin to leave the firewall in an unstable state by…
CVE-2020-5134 — CVSS 6.5 (medium): A vulnerability in SonicOS allows an authenticated attacker to cause out-of-bound invalid file reference leads to a firewall crash. This…
CVE-2020-5136 — CVSS 6.5 (medium): A buffer overflow vulnerability in SonicOS allows an authenticated attacker to cause Denial of Service (DoS) in the SSL-VPN and virtual…
CVE-2024-29013 — CVSS 6.5 (medium): Heap-based buffer overflow vulnerability in the SonicOS SSL-VPN allows an authenticated remote attacker to cause Denial of Service (DoS)…
CVE-2021-20031 — CVSS 6.1 (medium): A Host Header Redirection vulnerability in SonicOS potentially allows a remote attacker to redirect firewall management users to arbitrary…
CVE-2020-5142 — CVSS 6.1 (medium): A stored cross-site scripting (XSS) vulnerability exists in the SonicOS SSLVPN web interface. A remote unauthenticated attacker is able to…
CVE-2021-3449 — CVSS 5.9 (medium): An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation…
CVE-2018-9867 — CVSS 5.5 (medium): In SonicWall SonicOS, administrators without full permissions can download imported certificates. Occurs when administrators who are not in…
CVE-2018-5281 — CVSS 5.4 (medium): SonicWall SonicOS on Network Security Appliance (NSA) 2017 Q4 devices has XSS via the CFS Custom Category and Cloud AV DB Exclusion…
CVE-2018-5280 — CVSS 5.4 (medium): SonicWall SonicOS on Network Security Appliance (NSA) 2016 Q4 devices has XSS via the Configure SSO screens.
CVE-2019-12265 — CVSS 5.3 (medium): Wind River VxWorks 6.5, 6.6, 6.7, 6.8, 6.9.3 and 6.9.4 has a Memory Leak in the IGMPv3 client component. There is an IPNET security…
CVE-2020-5130 — CVSS 5.3 (medium): SonicOS SSLVPN LDAP login request allows remote attackers to cause external service interaction (DNS) due to improper validation of the…
CVE-2020-5132 — CVSS 5.3 (medium): SonicWall SSL-VPN products and SonicWall firewall SSL-VPN feature misconfiguration leads to possible DNS flaw known as domain name…
CVE-2026-0399 — CVSS 4.9 (medium): Multiple post-authentication stack-based buffer overflow vulnerabilities in the SonicOS management interface due to improper bounds…
CVE-2026-3439 — CVSS 4.9 (medium): A post-authentication Stack-based Buffer Overflow vulnerability in SonicOS certificate handling allows a remote attacker to crash a…
CVE-2026-0401 — CVSS 4.9 (medium): A post-authentication NULL Pointer Dereference vulnerability in SonicOS allows a remote attacker to crash a firewall.
CVE-2026-0206 — CVSS 4.9 (medium): A post-authentication Stack-based Buffer Overflow vulnerabilities in SonicOS allows a remote attacker to crash a firewall.
CVE-2026-0402 — CVSS 4.9 (medium): A post-authentication Out-of-bounds Read vulnerability in SonicOS allows a remote attacker to crash a firewall.
CVE-2026-0400 — CVSS 4.9 (medium): A post-authentication Format String vulnerability in SonicOS allows a remote attacker to crash a firewall.
CVE-2015-3447 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in macIpSpoofView.html in Dell SonicWall SonicOS 7.5.0.12 and 6.x allow remote…