CVE-2021-20022

Summary

SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to upload an arbitrary file to the remote host.

Affected Software

VendorProductVersion RangeStatus
SonicWallEmail Security10.0.9 and earlieraffected

Weaknesses

  • CWE-434: CWE-434: Unrestricted Upload of File with Dangerous Type

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: active
    • Automatable: no
    • Technical Impact: total

Additional References

References