exploitDog

CVE-2020-5131

Опубликовано: 17 июл. 2020

Источник: nvd

CVSS3: 7.8

CVSS2: 4.6

EPSS Низкий

Описание

SonicWall NetExtender Windows client vulnerable to arbitrary file write vulnerability, this allows attacker to overwrite a DLL and execute code with the same privilege in the host operating system. This vulnerability impact SonicWall NetExtender Windows client version 9.0.815 and earlier.

Ссылки

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0004
Vendor Advisory
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0004
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:sonicwall:netextender:*:*:*:*:*:windows:*:*

Версия до 9.0.815 (включая)

EPSS

Процентиль: 13%

0.00043

Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-20

CWE-20

Связанные уязвимости

GHSA-cw48-h2hv-c97j

github

больше 3 лет назад

SonicWall NetExtender Windows client vulnerable to arbitrary file write vulnerability, this allows attacker to overwrite a DLL and execute code with the same privilege in the host operating system. This vulnerability impact SonicWall NetExtender Windows client version 9.0.815 and earlier.

EPSS

Процентиль: 13%

0.00043

Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-20

CWE-20