SonicWall SMA100 SSLVPN Firmware Vulnerability Could Lead to Code Execution
CVE-2024-53703

Currently unrated

Key Information:

Vendor: Sonicwall
Status: Sma100
Vendor: CVE Published:; 5 December 2024

Summary

A vulnerability in the SonicWall SMA100 SSLVPN firmware 10.2.1.13-72sv and earlier versions mod_httprp library loaded by the Apache web server allows remote attackers to cause Stack-based buffer overflow and potentially lead to code execution.

Affected Version(s)

SMA100 Linux 10.2.1.13-72sv and earlier versions

References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-202...

vendor-advisory

Timeline

Vulnerability published
Dec 5, 2024
Vulnerability Reserved
Nov 22, 2024

Credit

Alain Mowat of Orange Cyberdefense, Switzerland.