Vulnerability detail

Enriched intelligence for a single CVE

9.8

CVSS
Critical

CVE-2021-20038

PUBLISHED

A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's mod_cgi module environment variables allows a remote unauthenticated...

Exploited in the wild Used in malware Remote Low complexity No user interaction

Vendor: SonicWall
Product: SonicWall SMA100
Published: Dec 08, 2021
EPSS: —

Description

A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's mod_cgi module environment variables allows a remote unauthenticated attacker to potentially execute code as a 'nobody' user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances firmware 10.2.0.8-37sv, 10.2.1.1-19sv, 10.2.1.2-24sv and earlier versions.

apache cisa malware ransomware nuclei_scanner edge

CVSS scores

CVSS v3.1 9.8 Critical

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2.0 7.5

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitation status

Exploited in the wild

Recorded 2022-01-28 00:00:00 UTC · Source

Used in malware

Recorded 2022-01-28 00:00:00 UTC · Source

SSVC decision points

Exploitation: active
Automatable: Yes
Technical impact: total

References

Known exploited vulnerability sources

Catalogues that list this CVE as a known exploited vulnerability.

Source	Added
CISA	Jan 28, 2022

Scanner integrations

Scanner	Reference	Detected
Nuclei	https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2021/CVE-2021-20038.yaml	Apr 25, 2025

Potential proof of concepts

These PoCs are unverified and could contain malware. Use at your own risk.

vesperp/CVE-2021-20038-SonicWall-RCE

github · Created 2022-08-08 03:38:06 UTC · 1 stars

Timeline

CVE ID Reserved

December 17, 2020
CVE Published to Public

December 08, 2021
Exploit Used in Malware

January 28, 2022
Added to KEVIntel

January 28, 2022
Detected by Nuclei

April 25, 2025