CVE-2021-20021

A vulnerability in the SonicWall Email Security version 10.0.9.x allows an attacker to create an administrative account by sending a crafted HTTP...

Basic Information

CVE State: PUBLISHED
Reserved Date: December 17, 2020
Published Date: April 09, 2021
Last Updated: February 06, 2025
Vendor: SonicWall
Product: Email Security
Description: A vulnerability in the SonicWall Email Security version 10.0.9.x allows an attacker to create an administrative account by sending a crafted HTTP request to the remote host.

CVSS Scores

SSVC Information

Exploitation: active
Automatable: Yes
Technical Impact: total

Exploit Status

Exploited in the Wild: Yes (added 2021-11-03 00:00:00 UTC) Source
Proof of Concept Available: Yes (added 2023-09-07 16:17:41 UTC) Source
Used in Malware: Yes (added 2021-11-03 00:00:00 UTC) Source

References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0007

Known Exploited Vulnerability Information

Source	Added Date
CISA	2021-11-03 00:00:00 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

SUPRAAA-1337/CVE-2021-20021

Type: github • Created: 2023-09-07 16:17:41 UTC • Stars: 2