CVE-2021-20035 - SonicWall SMA100 Appliances OS Command Injection Vulnerability

Vulnerability Name

SonicWall SMA100 Appliances OS Command Injection Vulnerability

Description

SonicWall SMA100 appliances contain an OS command injection vulnerability in the management interface that allows a remote authenticated attacker to inject arbitrary commands as a 'nobody' user, which could potentially lead to code execution.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Additional Notes

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0022

https://nvd.nist.gov/vuln/detail/CVE-2021-20035

Related News Articles

SonicWall SMA VPN devices targeted in attacks since JanuaryApril 18, 2025

Sonicwall SMA100 vulnerability exploited by attackers (CVE-2021-20035)April 18, 2025

CISA tags SonicWall VPN flaw as actively exploited in attacksApril 17, 2025

CISA Flags Actively Exploited Vulnerability in SonicWall SMA DevicesApril 17, 2025