Rewterz Threat Advisory – CVE-2021-3600 – Linux Kernel Code Execution
June 24, 2021Rewterz Threat Advisory – CVE-2021-26420 – Microsoft SharePoint Remote Code Execution Vulnerability
June 24, 2021Rewterz Threat Advisory – CVE-2021-3600 – Linux Kernel Code Execution
June 24, 2021Rewterz Threat Advisory – CVE-2021-26420 – Microsoft SharePoint Remote Code Execution Vulnerability
June 24, 2021Severity
Medium
Analysis Summary
CVE-2021-20019
SonicWall SonicOS could allow a remote attacker to obtain sensitive information, caused by a buffer overflow in HTTP request header that causes the HTTP server response to leak partial memory. By sending a specially-crafted HTTP request, an attacker could exploit this vulnerability to obtain partial memory and other sensitive information.
Impact
- Information Theft
- Unauthorized Access
Affected Vendors
Sonicwall
Affected Products
- SonicWall SonicOS 6.0.5
- SonicWall SonicOS 6.5.1.12
- SonicWall SonicOS 7.0.0
- SonicWall SonicOS 6.5.4.7
Remediation
Refer to SonicWall Security Advisory SNWLID-2021-0006 for patch, upgrade or suggested workaround information.
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0006