CVE-2021-20016
- Reference to the description:
- Description:
- A SQL-Injection vulnerability in the SonicWall SSLVPN SMA100 product allows a remote unauthenticated attacker to perform SQL query to access username password and other session related information. This vulnerability impacts SMA100 build version 10.x.
- Last updated date:
- 02/08/2021
Reports
ACTIVELY EXPLOITED
- Type:
- exploitation
- Confidence:
- HIGH
- Date of publishing:
- 01/31/2021
- Reference url to background
https://twitter.com/NCCGroupInfosec/status/1355850304596680705
- Type:
- exploitation
- Confidence:
- HIGH
- Date of publishing:
- 11/03/2021
- Reference url to background
https://www.cisa.gov/known-exploited-vulnerabilities-catalog