THREATOPS
THREAT OPSCVEs › CVE-2021-20035

CVE-2021-20035 — SonicWall SMA100 Appliances OS Command Injection Vulnerability

CISA KEVExploited: confirmedSonicWall

SonicWall SMA100 appliances contain an OS command injection vulnerability in the management interface that allows a remote authenticated attacker to inject arbitrary commands as a 'nobody' user, which could potentially lead to code execution.

Vulnerability details