SonicWall SonicOS Post-authentication Format String Vulnerability Allowing Firewall Crash and Potential Code Execution

Vulnerability

A post-authentication format string vulnerability has been identified in the management interface of SonicWall SonicOS. It allows an authenticated remote attacker to crash the firewall and potentially execute arbitrary code. It affects multiple generations of SonicWall firewalls and certain versions of the SonicWall NSv product.

Impact

Exploitation of this vulnerability can lead to a crash of the affected firewall, with a potential for unauthorized code execution.

Remediation

Users are advised to upgrade to SonicWall SonicOS versions 6.5.5.1-6n, 7.0.1-5165 and higher, 7.1.3-7015 and higher, or 8.0.0-8037 and higher, depending on their specific firewall model.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 4.5
impact: 7.5
exploitability: 4.4
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.