CVE-2022-22280 - AskarLabs CVE Database

CVE-2022-22280

Vendor Sonicwall

Product SonicWall GMS

Weakness CWE-89 · SQLi

Published July 29, 2022

Last update August 3, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

Improper Neutralization of Special Elements used in an SQL Command leading to Unauthenticated SQL Injection vulnerability, impacting SonicWall GMS 9.3.1-SP2-Hotfix1, Analytics On-Prem 2.5.0.3-2520 and earlier versions.

Key dates

02Disclosure timeline

July 29, 2022 CVE published

August 3, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-22280 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/89.html

Related vulnerabilities

04Related CVE

CVE-2023-2344 SourceCodester Service Provider Management System HTTP POST Request sql injection CVE-2025-2604 SourceCodester Kortex Lite Advocate Office Management System edit_act.php sql injection CVE-2024-4654 BlueNet Technology Clinical Browsing System cloudInterface.php sql injection CVE-2025-7471 code-projects Modern Bag login-back.php sql injection CVE-2024-2554 SourceCodester Employee Task Management System update-employee.php sql injection

Identifiers

CVE CVE-2022-22280

CWE CWE-89

Affected versions

Vendor Sonicwall

Product SonicWall GMS

Affected 9.3.1-SP2-Hotfix1 and earlier

Vendor Sonicwall

Product SonicWall Analytics On-Prem

Affected 2.5.0.3-2520 and earlier