SonicOS SSLVPN service unauthenticated malicious HTTP request leads to memory addresses leak

A vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service by sending a malicious HTTP request that leads to memory addresses leak. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3 and SonicOSv 6.5.4.v.
CVE: CVE-2020-5140
Last updated: Oct. 20, 2020, 9:43 a.m.

Original Article

Leave a Reply

Your email address will not be published. Required fields are marked *