CVE-2021-20039

Basic Information

CVE State
PUBLISHED
Reserved Date
December 17, 2020
Published Date
December 08, 2021
Last Updated
September 05, 2025
Vendor
SonicWall
Product
SonicWall SMA100
Description
Improper neutralization of special elements in the SMA100 management interface '/cgi-bin/viewcert' POST HTTP method allows a remote authenticated attacker to inject arbitrary commands as a 'nobody' user. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances.

CVSS Scores

CVSS v3.1

8.8 - HIGH

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2.0

9.0

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

SSVC Information

Exploitation
poc
Technical Impact
total

Exploit Status

Exploited in the Wild
Yes (2025-07-16 17:25:30 UTC)

Known Exploited Vulnerability Information

Source
The Shadowserver (via CIRCL)
Added Date
2025-07-16 17:25:30 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

sonicwall_cve_2021_20039

Type: metasploit • Created: Unknown

Metasploit module for CVE-2021-20039

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Detected by Metasploit

  • Added to KEVIntel