Detections
Analytics

CVE-2021-20035

medium

Description

Improper neutralization of special elements in the SMA100 management interface allows a remote authenticated attacker to inject arbitrary commands as a 'nobody' user which potentially leads to DoS.

References

https://cyberscoop.com/sonicwall-exploited-vulnerabilities-surge/

https://www.bleepingcomputer.com/news/security/sonicwall-urges-admins-to-patch-vpn-flaw-exploited-in-attacks/

https://thehackernews.com/2025/05/sonicwall-patches-3-flaws-in-sma-100.html

https://www.hipaajournal.com/sonicwall-sma-vulnerabilities-actively-exploited-in-attacks/

https://www.securityweek.com/sonicwall-flags-two-vulnerabilities-as-exploited/

https://thehackernews.com/2025/05/sonicwall-confirms-active-exploitation.html

https://www.bleepingcomputer.com/news/security/sonicwall-sma100-vpn-vulnerabilities-now-exploited-in-attacks/

https://securityaffairs.com/176706/security/attackers-exploited-sonicwall-sma-appliances-since-january-2025.html

https://www.helpnetsecurity.com/2025/04/18/sonicwall-sma100-vulnerability-exploited-by-attackers-cve-2021-20035/

https://www.bleepingcomputer.com/news/security/sonicwall-sma-vpn-devices-targeted-in-attacks-since-january/

https://www.securityweek.com/sonicwall-flags-old-vulnerability-as-actively-exploited/

https://thehackernews.com/2025/04/cisa-flags-actively-exploited.html

https://www.cisa.gov/news-events/alerts/2025/04/16/cisa-adds-one-known-exploited-vulnerability-catalog

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0022

Details

Source: Mitre, NVD

Published: 2021-09-27

Updated: 2025-04-17

Named Vulnerability: SonicWall SMA100 Appliance flawKnown Exploited Vulnerability (KEV)

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.26232