CVE-2022-22274

A Stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution in the firewall.
References
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*
OR cpe:2.3:h:sonicwall:nsa_2700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_3700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_4700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_5700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_6700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nssp_10700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nssp_11700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nssp_13700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv_270:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv_470:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv_870:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nssp_15700:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:sonicwall:sonicosv:*:*:*:*:*:*:*:*
OR cpe:2.3:h:sonicwall:nsv_10:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv_100:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv_1600:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv_200:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv_25:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv_300:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv_400:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv_50:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv_800:-:*:*:*:*:*:*:*

History

31 Mar 2022, 01:14

Type Values Removed Values Added
CWE CWE-787
References (CONFIRM) https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0003 - (CONFIRM) https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0003 - Vendor Advisory
CVSS v2 : unknown
v3 : unknown
v2 : 7.5
v3 : 9.8
CPE cpe:2.3:h:sonicwall:nsa_2700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nssp_15700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv_270:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv_25:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_3700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv_50:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_5700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv_870:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv_100:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv_10:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv_800:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nssp_13700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nssp_10700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv_200:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv_400:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_4700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv_300:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv_470:-:*:*:*:*:*:*:*
cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*
cpe:2.3:o:sonicwall:sonicosv:*:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nssp_11700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv_1600:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_6700:-:*:*:*:*:*:*:*
First Time Sonicwall nsv 800
Sonicwall nssp 15700
Sonicwall nsv 1600
Sonicwall tz370w
Sonicwall nsa 2700
Sonicwall nsv 200
Sonicwall
Sonicwall nsv 50
Sonicwall tz570w
Sonicwall tz470
Sonicwall nsv 470
Sonicwall nssp 10700
Sonicwall nsv 870
Sonicwall sonicos
Sonicwall sonicosv
Sonicwall nssp 13700
Sonicwall nsv 270
Sonicwall nsa 6700
Sonicwall tz370
Sonicwall nsv 300
Sonicwall nsa 4700
Sonicwall nsv 25
Sonicwall tz270w
Sonicwall nsv 400
Sonicwall nsv 100
Sonicwall tz270
Sonicwall nsv 10
Sonicwall tz570p
Sonicwall nsa 5700
Sonicwall tz570
Sonicwall tz470w
Sonicwall tz670
Sonicwall nssp 11700
Sonicwall nsa 3700

25 Mar 2022, 23:37

Type Values Removed Values Added
New CVE

Information

Published : 2022-03-25 23:15

Updated : 2023-12-10 14:22


NVD link : CVE-2022-22274

Mitre link : CVE-2022-22274

CVE.ORG link : CVE-2022-22274


JSON object : View

Products Affected

sonicwall

  • nsa_6700
  • nsv_200
  • nsv_400
  • tz370w
  • tz570w
  • nsv_100
  • nsv_1600
  • nsv_50
  • tz470w
  • tz370
  • tz270w
  • nsv_25
  • nssp_13700
  • nsa_4700
  • nsv_470
  • tz470
  • tz570
  • nsv_800
  • sonicos
  • tz670
  • nsa_2700
  • nsv_270
  • nssp_11700
  • tz270
  • nsv_300
  • nsa_5700
  • nsa_3700
  • nssp_15700
  • nsv_870
  • tz570p
  • sonicosv
  • nsv_10
  • nssp_10700
CWE
CWE-787

Out-of-bounds Write

CWE-121

Stack-based Buffer Overflow