Blog | G5 Cyber Security

Almost 800,000 SonicWall VPN appliances online are vulnerable to CVE-2020-5135

The Tripwire VERT security team spotted almost 800,000 SonicWall VPN appliances exposed online that are vulnerable to the CVE-2020-5135 RCE flaw. The vulnerability is a stack-based buffer overflow that affects the SonicWall Network Security Appliance (NSA) The vulnerability can be exploited by an unauthenticated HTTP request involving a custom protocol handler. The flaw resides in the HTTP/HTTPS service used for product management as well as SSL VPN remote access. Most of the vulnerable devices are in the United States.”]

Source: https://securityaffairs.co/wordpress/109560/hacking/sonicwall-cve-2020-5135-flaw.html

Exit mobile version