CVE-2021-20035

Confirmed PUBLISHED

Improper neutralization of special elements in the SMA100 management interface allows a remote authenticated attacker to inject arbitrary commands...

SonicWall · SMA100
Exploited in the wild

Recommended Action

Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.

Confidence
Confirmed
Exploitation Status
Exploited in the wild
Observed in Sensors
No
Attempts (30d)
Unique Attacker IPs
CISA KEV
In CISA KEV
CVSS / EPSS
6.5 Medium

At a Glance

Improper neutralization of special elements in the SMA100 management interface allows a remote authenticated attacker to inject arbitrary commands as a 'nobody' user which potentially leads to DoS.

nessus_scanner edge cisa
CVE Published
Sep 27, 2021
Exploitation Reported
Apr 16, 2025
CVSS
6.5 Medium
EPSS
Remote Low complexity No user interaction

Affected Versions

Vendor Product Version Status
SonicWall
SMA100

9.0.0.10-28sv and earlier

Affected
SonicWall
SMA100

10.2.0.7-34sv and earlier

Affected
SonicWall
SMA100

10.2.1.0-17sv and earlier

Affected

CVE References

Recommended Actions

  • Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.
  • Check enrichment artifacts for scanner coverage and available PoCs before rolling remediation validation.
  • Use the Pro API to automate enrichment, telemetry, and workflow delivery for VM, SOC, and CTI pipelines.