SonicWall NetExtender Windows client vulnerable to unquoted service path vulnerability, this allows a local attacker to gain elevated privileges in the host operating system. This vulnerability impact SonicWall NetExtender Windows client version 10.2.300 and earlier.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/163857/SonicWall-NetExtender-10.2.0.300-Unquoted-Service-Path.html | Exploit Third Party Advisory VDB Entry |
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0023 | Vendor Advisory |
Configurations
History
21 Sep 2021, 17:04
Type | Values Removed | Values Added |
---|---|---|
References |
|
14 Jan 2021, 17:23
Type | Values Removed | Values Added |
---|---|---|
References | (CONFIRM) https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0023 - Vendor Advisory | |
CPE | cpe:2.3:a:sonicwall:netextender:*:*:*:*:*:windows:*:* | |
CWE | CWE-428 | |
CVSS |
v2 : v3 : |
v2 : 4.6
v3 : 5.3 |
09 Jan 2021, 01:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-01-09 01:15
Updated : 2023-12-10 13:41
NVD link : CVE-2020-5147
Mitre link : CVE-2020-5147
CVE.ORG link : CVE-2020-5147
JSON object : View
Products Affected
sonicwall
- netextender
CWE
CWE-428
Unquoted Search Path or Element