CVE-2021-20035
Improper neutralization of special elements in the SMA100 management interface allows a remote authenticated attacker to inject arbitrary commands...
Basic Information
- CVE State
- PUBLISHED
- Reserved Date
- December 17, 2020
- Published Date
- September 27, 2021
- Last Updated
- April 17, 2025
- Vendor
- SonicWall
- Product
- SMA100
- Description
- Improper neutralization of special elements in the SMA100 management interface allows a remote authenticated attacker to inject arbitrary commands as a 'nobody' user which potentially leads to DoS.
CVSS Scores
EPSS Score
- Score
- 26.23% (Percentile: 95.96%) as of 2025-04-29
SSVC Information
- Exploitation
- active
- Technical Impact
- total
Exploit Status
- Exploited in the Wild
- Yes (added 2025-04-16 00:00:00 UTC) Source
Known Exploited Vulnerability Information
| Source | Added Date |
|---|---|
| CISA | 2025-04-16 00:00:00 UTC |