Shodan
Vulnerabilities
Vulnerable Software
Sonicwall:  >> Sonicos  >> 7.1.1-7040  Security Vulnerabilities
CVE-2026-3439
A post-authentication Stack-based Buffer Overflow vulnerability in SonicOS certificate handling allows a remote attacker to crash a firewall.
CVSS Score
4.9
EPSS Score
0.001
Published
2026-03-04
CVE-2026-0400
A post-authentication Format String vulnerability in SonicOS allows a remote attacker to crash a firewall.
CVSS Score
4.9
EPSS Score
0.002
Published
2026-02-24
CVE-2026-0401
A post-authentication NULL Pointer Dereference vulnerability in SonicOS allows a remote attacker to crash a firewall.
CVSS Score
4.9
EPSS Score
0.002
Published
2026-02-24
CVE-2026-0402
A post-authentication Out-of-bounds Read vulnerability in SonicOS allows a remote attacker to crash a firewall.
CVSS Score
4.9
EPSS Score
0.002
Published
2026-02-24
CVE-2026-0399
Multiple post-authentication stack-based buffer overflow vulnerabilities in the SonicOS management interface due to improper bounds checking in a API endpoint.
CVSS Score
4.9
EPSS Score
0.001
Published
2026-02-24
CVE-2025-40601
A Stack-based buffer overflow vulnerability in the SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service (DoS), which could cause an impacted firewall to crash.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-11-20
CVE-2025-40600
Use of Externally-Controlled Format String vulnerability in the SonicOS SSL VPN interface allows a remote unauthenticated attacker to cause service disruption.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-07-29
CVE-2024-53704
Known exploited
An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authentication.
CVSS Score
9.8
EPSS Score
0.939
Published
2025-01-09
CVE-2024-40764
Heap-based buffer overflow vulnerability in the SonicOS IPSec VPN allows an unauthenticated remote attacker to cause Denial of Service (DoS).
CVSS Score
7.5
EPSS Score
0.102
Published
2024-07-18
CVE-2024-29012
Stack-based buffer overflow vulnerability in the SonicOS HTTP server allows an authenticated remote attacker to cause Denial of Service (DoS) via sscanf function.
CVSS Score
7.5
EPSS Score
0.022
Published
2024-06-20


Products
Pricing
Contact Us

Shodan ® - All rights reserved