SonicWall SonicOS Post-Authentication Path Traversal Vulnerability

Vulnerability

A post-authentication path traversal vulnerability exists in SonicWall SonicOS, allowing an authenticated attacker to access and interact with typically restricted services. The vulnerability affects several generations of SonicWall firewalls and NSv platforms, within specific version ranges.

Impact

Exploitation of this vulnerability could lead to unauthorized access to restricted services, potentially allowing for further exploitation or manipulation of the device or network.

Remediation

Administrators are advised to disable HTTP or HTTPS-based firewall management and SSL-VPN access on all interfaces, restricting management access to SSH only. Once the vulnerability has been addressed, SonicWall PSIRT recommends consulting the official SonicWall support channels for guidance on re-enabling management access.

Added: Apr 29, 2026, 5:24 PM
Updated: Apr 29, 2026, 5:24 PM

Vulnerability Rating

Custom Algorithm

spread: 6.8
impact: 0.6
exploitability: 3.5
remediation: 8.3
relevance: 6.8
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.