SonicWall SonicOS Multiple Post-Authentication Vulnerabilities (SNWLID-2026-0001)

medium Nessus Plugin ID 300077

Synopsis

The remote host is affected by multiple vulnerabilities.

Description

According to its self-reported version, the remote SonicWall firewall is running a version of SonicOS that is affected by multiple vulnerabilities, including:

- Multiple post-authentication stack-based buffer overflow vulnerabilities in the SonicOS management interface due to improper bounds checking in a API endpoint. (CVE-2026-0399)

- A post-authentication format string vulnerability in SonicOS allows a remote attacker to crash a firewall.
(CVE-2026-0400)

- A post-authentication NULL pointer dereference vulnerability in SonicOS allows a remote attacker to crash a firewall. (CVE-2026-0401)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to the relevant fixed version referenced in the vendor security advisory.

See Also

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0001

Plugin Details

Severity: Medium

ID: 300077

File Name: sonicwall_SNWLID-2026-0001.nasl

Version: 1.1

Type: combined

Family: Firewalls

Published: 2/27/2026

Updated: 2/27/2026

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.1

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2026-0399

CVSS v3

Risk Factor: Medium

Base Score: 4.9

Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Vulnerability Information

CPE: cpe:/o:sonicwall:sonicos

Required KB Items: installed_sw/SonicWall SonicOS

Patch Publication Date: 2/24/2026

Vulnerability Publication Date: 2/24/2026

Reference Information

CVE: CVE-2026-0399, CVE-2026-0400, CVE-2026-0401, CVE-2026-0402