IT Resources for Canadians
A vulnerability in SonicOS where the HTTP server response leaks partial memory by sending a crafted unauthenticated HTTP request. This can potentially lead to an internal sensitive data disclosure vulnerability.
CVE: CVE-2021-20019
Last updated: Sept. 1, 2021, 10:17 p.m.
A buffer overflow vulnerability in SonicOS allows a remote attacker to cause a Denial of Service (DoS) by sending a specially crafted request. This vulnerability affects SonicOS Gen5, Gen6, Gen7 platforms, and SonicOSv virtual firewalls.
• SonicWall PSIRT is not aware of any active exploitation of this vulnerability in the wild
• No reports of a PoC have been made public at the time of this advisory
CVE: CVE-2021-20027
Last updated: June 16, 2021, 6:58 p.m.
Original Article
Original Article