CVE-2021-20034

Summary

An improper access control vulnerability in SMA100 allows a remote unauthenticated attacker to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to factory default settings.

Affected Software

VendorProductVersion RangeStatus
SonicWallSMA1009.0.0.10-28sv and earlieraffected
SonicWallSMA10010.2.0.7-34sv and earlieraffected
SonicWallSMA10010.2.1.0-17sv and earlieraffected

Weaknesses

  • CWE-284: CWE-284: Improper Access Control

ADP Enrichment

CVE Program Container

Additional References

References