CVE-2022-22274

A Stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote unauthenticated attacker to cause Denial of Service...

Basic Information

CVE State: PUBLISHED
Reserved Date: December 29, 2021
Published Date: March 25, 2022
Last Updated: August 03, 2024
Vendor: SonicWall
Product: SonicOS
Description: A Stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution in the firewall.

CVSS Scores

EPSS Score

Score: 37.32% (Percentile: 96.93%) as of 2025-04-29

Exploit Status

Exploited in the Wild: Yes (added 2025-04-23 00:00:00 UTC) Source

References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0003

Known Exploited Vulnerability Information

Source	Added Date
The Shadowserver (via CIRCL)	2025-04-28 00:00:00 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

BishopFox/CVE-2022-22274_CVE-2023-0656

Type: github • Created: 2024-01-12 20:03:51 UTC • Stars: 19

4lucardSec/Sonic_CVE-2022-22274_poc

Type: github • Created: 2023-01-14 17:15:53 UTC • Stars: 6