Shodan
Vulnerabilities
Vulnerable Software
Sonicwall:  >> Sonicos  >> 7.0.1-5145  Security Vulnerabilities
CVE-2026-3439
A post-authentication Stack-based Buffer Overflow vulnerability in SonicOS certificate handling allows a remote attacker to crash a firewall.
CVSS Score
4.9
EPSS Score
0.001
Published
2026-03-04
CVE-2026-0400
A post-authentication Format String vulnerability in SonicOS allows a remote attacker to crash a firewall.
CVSS Score
4.9
EPSS Score
0.002
Published
2026-02-24
CVE-2026-0401
A post-authentication NULL Pointer Dereference vulnerability in SonicOS allows a remote attacker to crash a firewall.
CVSS Score
4.9
EPSS Score
0.002
Published
2026-02-24
CVE-2026-0402
A post-authentication Out-of-bounds Read vulnerability in SonicOS allows a remote attacker to crash a firewall.
CVSS Score
4.9
EPSS Score
0.002
Published
2026-02-24
CVE-2026-0399
Multiple post-authentication stack-based buffer overflow vulnerabilities in the SonicOS management interface due to improper bounds checking in a API endpoint.
CVSS Score
4.9
EPSS Score
0.001
Published
2026-02-24
CVE-2025-40601
A Stack-based buffer overflow vulnerability in the SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service (DoS), which could cause an impacted firewall to crash.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-11-20
CVE-2024-40764
Heap-based buffer overflow vulnerability in the SonicOS IPSec VPN allows an unauthenticated remote attacker to cause Denial of Service (DoS).
CVSS Score
7.5
EPSS Score
0.102
Published
2024-07-18
CVE-2024-29012
Stack-based buffer overflow vulnerability in the SonicOS HTTP server allows an authenticated remote attacker to cause Denial of Service (DoS) via sscanf function.
CVSS Score
7.5
EPSS Score
0.022
Published
2024-06-20
CVE-2024-29013
Heap-based buffer overflow vulnerability in the SonicOS SSL-VPN allows an authenticated remote attacker to cause Denial of Service (DoS) via memcpy function.
CVSS Score
6.5
EPSS Score
0.023
Published
2024-06-20
CVE-2022-22275
Improper Restriction of TCP Communication Channel in HTTP/S inbound traffic from WAN to DMZ bypassing security policy until TCP handshake potentially resulting in Denial of Service (DoS) attack if a target host is vulnerable.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-04-27


Products
Pricing
Contact Us

Shodan ® - All rights reserved