CVE-2021-20016 - SonicWall SSLVPN SMA100 SQL Injection Vulnerability
Project:SonicWall
Product:SSLVPN SMA100
Date Added:2021-11-03Due Date:2021-11-17
Vulnerability Name
SonicWall SSLVPN SMA100 SQL Injection Vulnerability
Description
SonicWall SSLVPN SMA100 contains a SQL injection vulnerability that allows remote exploitation for credential access by an unauthenticated attacker.
Known To Be Used in Ransomware Campaigns?
Known
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-20016