VDB
CVE-2021-20039
CVE-2021-20039
PUBLISHED
CVSS 9 CRITICAL
Improper neutralization of special elements in the SMA100 management interface '/cgi-bin/viewcert' POST http method allows a remote authenticated attacker to inject arbitrary commands as a 'nobody' user. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances.
EPSS 82.46% · 99.3th percentile
Risk Scores
CVSS 2.0
9
EPSS Score
82.46%
99.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| sonicwall | sma_200_firmware | 9.0.0.11-31sv, 10.2.1.1-19sv, 10.2.0.8-37sv |
| sonicwall | sma_400_firmware | 9.0.0.11-31sv, 10.2.0.8-37sv, 10.2.1.1-19sv |
| sonicwall | sma_210_firmware | 9.0.0.11-31sv, 10.2.1.1-19sv, 10.2.0.8-37sv |
| sonicwall | sma_410_firmware | 10.2.0.8-37sv, 10.2.1.1-19sv, 9.0.0.11-31sv |
| sonicwall | sma_500v_firmware | 10.2.0.8-37sv, 9.0.0.11-31sv, 10.2.1.1-19sv |
| SonicWall | SonicWall SMA100 | 9.0.0.11-31sv and earlier, 10.2.0.8-37sv and earlier, 10.2.1.1-19sv and earlier |
Exploit Intelligence
- http://packetstormsecurity.com/files/165563/SonicWall-SMA-100-Series-Authenticated-Command-Injection.html (nist-nvd)
- CIRCL seen: CVE-2021-20039 (circl-sighting)
- CIRCL seen: CVE-2021-20039 (circl-sighting)
- CIRCL seen: CVE-2021-20039 (circl-sighting)
- CIRCL seen: CVE-2021-20039 (circl-sighting)
- CIRCL seen: CVE-2021-20039 (circl-sighting)
- CIRCL seen: CVE-2021-20039 (circl-sighting)
- CIRCL seen: CVE-2021-20039 (circl-sighting)
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0026 (circl)
- ET EXPLOIT SonicWall SMA Authenticated Command Injection Attempt CVE-2021-20039 (emergingthreats)
…and 5 more exploits
Timeline
- Dec 8, 2021 CVE Published
- Dec 9, 2021 EPSS Score
- Jan 12, 2022 PoC Published
- Jan 13, 2022 PoC Published
- Jan 13, 2022 EPSS Score
- Jan 14, 2022 EPSS Score
- Jan 26, 2022 PoC Published
- Apr 1, 2022 EPSS Score
- Apr 11, 2023 EPSS Score
- Jul 30, 2023 EPSS Score
- Aug 13, 2023 EPSS Score
- Oct 11, 2023 EPSS Score
References
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0026 advisory
- http://packetstormsecurity.com/files/165563/SonicWall-SMA-100-Series-Authenticated-Command-Injection.html url
- https://attackerkb.com/topics/9szJhq46lw/cve-2021-20039/rapid7-analysis exploit
- https://nvd.nist.gov/vuln/detail/CVE-2021-20039 advisory