CVE-2021-20041

CVE-2021-20041

Vendor Sonicwall
Product SonicWall SMA100
Weakness CWE-835
Published December 8, 2021
Last update August 3, 2024
View on NVD All CVEs

CVSS base score

What the vulnerability does

01Description

An unauthenticated and remote adversary can consume all of the device's CPU due to crafted HTTP requests sent to SMA100 /fileshare/sonicfiles/sonicfiles resulting in a loop with unreachable exit condition. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances.

Key dates

02Disclosure timeline

December 8, 2021 CVE published
August 3, 2024 Record updated