cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-45317,https://securityvulnerability.io/vulnerability/CVE-2024-45317,SSRF Vulnerability in SMA1000 Appliance Firmware Could Lead to Unintended IP Address Requests,"A Server-Side Request Forgery (SSRF) vulnerability in SMA1000 appliance firmware versions 12.4.3-02676 and earlier allows a remote, unauthenticated attacker to cause the SMA1000 server-side application to make requests to an unintended IP address.",Sonicwall,Sma1000,,,0.0004299999854993075,false,false,false,false,,false,false,2024-10-11T08:30:23.707Z,0
CVE-2023-0126,https://securityvulnerability.io/vulnerability/CVE-2023-0126,Path Traversal Vulnerability in SMA1000 Firmware by SonicWall,"A pre-authentication path traversal vulnerability exists in the SMA1000 firmware version 12.4.2, enabling an unauthenticated attacker to access sensitive files and directories located outside the intended web root. This flaw poses a significant security risk, as it allows for unauthorized data exposure and potential system compromise.",SonicWall,SonicWall SMA1000,7.5,HIGH,0.31158000230789185,false,false,false,false,,false,false,2023-01-19T00:00:00.000Z,0
CVE-2022-22282,https://securityvulnerability.io/vulnerability/CVE-2022-22282,,"SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions incorrectly restricts access to a resource using HTTP connections from an unauthorized actor leading to Improper Access Control vulnerability.",Sonicwall,Sonicwall Sma1000,9.8,CRITICAL,0.0023799999617040157,false,false,false,false,,false,false,2022-05-13T19:40:18.000Z,0
CVE-2022-1702,https://securityvulnerability.io/vulnerability/CVE-2022-1702,,"SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions accept a user-controlled input that specifies a link to an external site and uses that link in a redirect which leads to Open redirection vulnerability.",Sonicwall,Sonicwall Sma1000,6.1,MEDIUM,0.0007300000288523734,false,false,false,false,,false,false,2022-05-13T19:40:15.000Z,0
CVE-2022-1701,https://securityvulnerability.io/vulnerability/CVE-2022-1701,,"SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions uses a shared and hard-coded encryption key to store data.",Sonicwall,Sonicwall Sma1000,7.5,HIGH,0.0009699999936856329,false,false,false,false,,false,false,2022-05-13T19:40:14.000Z,0
CVE-2020-5132,https://securityvulnerability.io/vulnerability/CVE-2020-5132,,"SonicWall SSL-VPN products and SonicWall firewall SSL-VPN feature misconfiguration leads to possible DNS flaw known as domain name collision vulnerability. When the users publicly display their organization’s internal domain names in the SSL-VPN authentication page, an attacker with knowledge of internal domain names can potentially take advantage of this vulnerability.",Sonicwall,"Sma100,Sma1000,Sonicos",5.3,MEDIUM,0.0008399999933317304,false,false,false,false,,false,false,2020-09-30T05:25:11.000Z,0
CVE-2020-5129,https://securityvulnerability.io/vulnerability/CVE-2020-5129,,A vulnerability in the SonicWall SMA1000 HTTP Extraweb server allows an unauthenticated remote attacker to cause HTTP server crash which leads to Denial of Service. This vulnerability affected SMA1000 Version 12.1.0-06411 and earlier.,Sonicwall,Sma1000,7.5,HIGH,0.0017900000093504786,false,false,false,false,,false,false,2020-03-26T03:35:12.000Z,0