CVE-2021-20017

Description

A post-authenticated command injection vulnerability in SonicWall SMA100 allows an authenticated attacker to execute OS commands as a 'nobody' user. This vulnerability impacts SMA100 version 10.2.0.5 and earlier.

Affected products

• SonicWall / SMA10010.2.0.5 and earlier – 10.2.0.5 and earlier

References

• VENDOR_ADVISORYhttps://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0004