Sonicwall

Until a patch is released to address this bug, SonicWall has provided a temporary fix that requires admins to disable incremental updates to IDP, GAV, …

Baines on Tuesday in a blog post described the vulnerability in detail. He said Sonicwall's "slightly modified" version of the Apache httpd web server …

Baines said Rapid7 reported the issues to SonicWall, which released fixes to … “The most critical vulnerability has a severity of 9.8/10, …

By exploiting this vulnerability, an attacker could gain full control of the device or virtual machine running the SMA 100 series device. This could …

The flaw was assessed as a 9.8 CVSS vulnerability, a designation generally reserved for the most severe of security issues. According to Rapid7, the …

Exploiting the Critical Vulnerability. The stack-based buffer overflow flaw discovered by Baines affects SonicWall SMA 100 series version: …

The company released new security updates last week to address the high severity Microsoft Exchange Server vulnerability, which has been causing junk …

Network security vendor SonicWall is urging customers to update their … New Apache Log4j Update Released to Patch Newly Discovered Vulnerability.

… vendors like CyberArk, ForgeRock, Okta and Ping Identity, as well as SMB-focused security companies like Fortinet, SonicWall, and Sophos.

Admins who implement remote access to companies via Sonicwall's Secure Mobile Access Systems (SMA) should update the appliances quickly.

“Rapid7 will release the technical details and proof-of-concept code in January 2022 as part of our coordinated vulnerability disclosure process.”.

The U.S. Cybersecurity and Infrastructure Security Agency has also released an advisory encouraging users and administrators using the SonicWall …

Multiple serious vulnerabilities in SonicWall VPN hardware are exposing … Since the turn of the year, the company has been forced to release a …

Rapid7 says it "will release the technical details and proof-of-concept code in January 2022 as part of our coordinated vulnerability disclosure …

“The vulnerability is due to the SonicWall SMA SSLVPN Apache HTTPd server … and 500 series products that run version 9.0.0.11-31sv or earlier, …

“The vulnerability is due to the SonicWall SMA SSLVPN Apache httpd … forcing the firm to release a “important firmware upgrade” to fix it, …

“The vulnerability is caused by the SonicWall SMA SSLVPN Apache httpd server's GET method of mod_cgi module environment variables using a single …

Network security vendor SonicWall is urging customers to update their SMA 100 series appliances to the latest version following the discovery of …

Critical security vulnerabilities in SonicWall's Secure Mobile Access (SMA) … “The vulnerability is due to the SonicWall SMA SSLVPN Apache httpd …

SonicWall 'strongly urges' organizations using SMA 100 series … CVE-2021-20039, Authenticated Command Injection Vulnerability as Root, 7.2 High.