Severity
High
Analysis Summary
CVE-2024-53703 CVSS:8.1
A vulnerability in the mod_httprp library loaded by the Apache web server in SonicWall SMA100 SSLVPN firmware 10.2.1.13-72sv and earlier versions allows remote attackers to cause a stack-based buffer overflow, potentially leading to code execution.
CVE-2024-53702 CVSS:5.3
The SonicWall SMA100 SSLVPN backup code generator uses a cryptographically weak pseudo-random number generator (PRNG) whose output can, in certain cases, be predicted by an attacker, potentially exposing the generated secret.
CVE-2024-45319 CVSS:6.3
A vulnerability in the SonicWall SMA100 SSLVPN firmware 10.2.1.13-72sv and earlier versions allows a remote authenticated attacker to circumvent the certificate requirement during authentication.
CVE-2024-45318 CVSS:8.1
A vulnerability in the SonicWall SMA100 SSLVPN web management interface allows remote attackers to cause a stack-based buffer overflow, potentially leading to code execution.
CVE-2024-45317 CVSS:7.8
A Server-Side Request Forgery (SSRF) vulnerability in SMA1000 appliance firmware versions 12.4.3-02676 and earlier allows a remote, unauthenticated attacker to cause the SMA1000 server-side application to make requests to an unintended IP address.
Impact
- Gain Access
- Code Execution
- Buffer Overflow
Indicators of Compromise
CVE
- CVE-2024-53703
- CVE-2024-53702
- CVE-2024-45319
- CVE-2024-45318
- CVE-2024-45317
Affected Vendors
Affected Products
- SonicWall SMA100 SSLVPN
- SonicWall SMA100 SSLVPN Firmware 10.2.1.13-72sv
- SonicWall SMA1000 Appliance Firmware 12.4.3-02676
Remediation
Refer to SonicWall Security Advisory for patch, upgrade, or suggested workaround information.

