SB2024120511 - Multiple vulnerabilities in SonicWall SMA100 series

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2024120511

SB2024120511 - Multiple vulnerabilities in SonicWall SMA100 series

Published: December 5, 2024 Updated: June 6, 2025

Security Bulletin ID SB2024120511
Severity
High
Patch available
YES
Number of vulnerabilities 6
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

Critical 17% High 50% Medium 33%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 6 secuirty vulnerabilities.


1) Input validation error (CVE-ID: CVE-2024-38475)

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to insufficient validation of user-supplied input in mod_rewrite when first segment of substitution matches filesystem path. A remote attacker can map URLs to filesystem locations that are permitted to be served by the server but are not intentionally/directly reachable by any URL and view contents of files or execute arbitrary code.


2) Heap-based buffer overflow (CVE-ID: CVE-2024-40763)

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the SSL-VPN interface. A remote attacker can send specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


3) Stack-based buffer overflow (CVE-ID: CVE-2024-45318)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the SSL-VPN web management interface. A remote non-authenticated attacker can send specially crafted data to the management interface, trigger a stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


4) Use of hard-coded credentials (CVE-ID: CVE-2024-45319)

The vulnerability allows a remote user to bypass certificate-based authentication.

The vulnerability exists due to presence of hard-coded credentials in application code. A remote authenticated user can circumvent the certificate requirement during authentication.


5) Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) (CVE-ID: CVE-2024-53702)

The vulnerability allows a remote attacker to guess generated secrets.

The vulnerability exists due to usage of weak random generator values within the SSL-VPN backup code generator. A remote attacker can guess generated secret.


6) Stack-based buffer overflow (CVE-ID: CVE-2024-53703)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the SSL-VPN mod_httprp library loaded by the Apache web server. A remote unauthenticated attacker can send specially crafted requests to the SSL-VPN web interface, trigger a stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


Remediation

Install update from vendor's website.

References