What the vulnerability does

01Description

A buffer overflow vulnerability in SMA100 sonicfiles RAC_COPY_TO (RacNumber 36) method allows a remote unauthenticated attacker to potentially execute code as the 'nobody' user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances.

Key dates

02Disclosure timeline

December 8, 2021 CVE published
August 3, 2024 Record updated