Total
6 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-20051 | 1 Sonicwall | 1 Global Vpn Client | 2022-05-12 | 6.9 MEDIUM | 7.8 HIGH |
SonicWall Global VPN Client 4.10.7.1117 installer (32-bit and 64-bit) and earlier versions have a DLL Search Order Hijacking vulnerability in one of the installer components. Successful exploitation via a local attacker could result in command execution in the target system. | |||||
CVE-2021-20047 | 1 Sonicwall | 1 Global Vpn Client | 2021-12-10 | 6.9 MEDIUM | 7.8 HIGH |
SonicWall Global VPN client version 4.10.6 (32-bit and 64-bit) and earlier have a DLL Search Order Hijacking vulnerability. Successful exploitation via a local attacker could result in remote code execution in the target system. | |||||
CVE-2021-20037 | 1 Sonicwall | 1 Global Vpn Client | 2021-10-05 | 7.2 HIGH | 7.8 HIGH |
SonicWall Global VPN Client 4.10.5 installer (32-bit and 64-bit) incorrect default file permission vulnerability leads to privilege escalation which potentially allows command execution in the host operating system. This vulnerability impacts GVC 4.10.5 installer and earlier. | |||||
CVE-2020-5144 | 1 Sonicwall | 1 Global Vpn Client | 2020-11-03 | 6.9 MEDIUM | 7.8 HIGH |
SonicWall Global VPN client version 4.10.4.0314 and earlier allows unprivileged windows user to elevate privileges to SYSTEM through loaded process hijacking vulnerability. | |||||
CVE-2020-5145 | 1 Sonicwall | 1 Global Vpn Client | 2020-10-30 | 6.9 MEDIUM | 8.6 HIGH |
SonicWall Global VPN client version 4.10.4.0314 and earlier have an insecure library loading (DLL hijacking) vulnerability. Successful exploitation could lead to remote code execution in the target system. | |||||
CVE-2007-6273 | 1 Sonicwall | 1 Global Vpn Client | 2011-03-07 | 9.3 HIGH | N/A |
Multiple format string vulnerabilities in the configuration file in SonicWALL GLobal VPN Client 3.1.556 and 4.0.0.810 allow user-assisted remote attackers to execute arbitrary code via format string specifiers in the (1) Hostname tag or the (2) name attribute in the Connection tag. NOTE: there might not be any realistic circumstances in which this issue crosses privilege boundaries. |