CVE-2021-20031

Summary

A Host Header Redirection vulnerability in SonicOS potentially allows a remote attacker to redirect firewall management users to arbitrary web domains.

Affected Software

VendorProductVersion RangeStatus
SonicWallSonicOS7.0.1-R1262 and earlieraffected
SonicWallSonicOS7.0.1-R1283 and earlieraffected
SonicWallSonicOS7.0.1-R579 and earlieraffected
SonicWallSonicOS6.5.4.7 and earlieraffected
SonicWallSonicOS6.5.1.12 and earlieraffected
SonicWallSonicOS6.0.5.3-94o and earlieraffected
SonicWallSonicOS6.5.4.4-44V-21-987 and earlieraffected
SonicWallSonicOS5.9.1.13 and earlieraffected

Weaknesses

  • CWE-601: CWE-601: URL Redirection to Untrusted Site ('Open Redirect')

ADP Enrichment

CVE Program Container

Additional References

References