SonicWall has announced a SonicOS vulnerability with a CVSS score of 9.4, making this a critical vulnerability. A stack-based buffer overflow vulnerability in the SonicOS can be exploited via HTTP request. This allows a remote unauthenticated attacker to cause Denial of Service (DoS), which can potentially result in code execution on the firewall.
Note this vulnerability ONLY impacts the web management interface – the SonicOS SSLVPN interface isn’t impacted.
We strongly recommend schools using impacted SonicWall firewalls listed below apply the following patches and guidance below.
Impacted products and Fixed software version
| Product | Impacted platforms | Impacted version | Fixed version |
| SonicWall Firewalls | TZ270, TZ270W, TZ370, TZ370W, TZ470, TZ470W, TZ570,TZ570W, TZ570P, TZ670, NSa 2700, NSa 3700, NSa 4700,NSa 5700, NSa 6700, NSsp 10700, NSsp 11700, NSsp 13700,NSv 270, NSv 470, NSv 870 | 7.0.1-5050 and earlier | 7.0.1-5051 and higher |
| SonicWall NSsp Firewall | NSsp 15700 | 7.0.1-R579 and earlier | Mid-April (Hotfix build 7.0.1-5030-HF-R844) |
| SonicWall NSv Firewalls | NSv 10, NSv 25, NSv 50, Nsv 100, NSv 200,NSv, 300, NSv 400, NSv 800, NSv 1600 | 6.5.4.4-44v-21-1452 and earlier | 6.5.4.4-44v-21-1519 and higher |
Workaround (if suggested patches can’t be applied)
Until the above patches can be applied, SonicWall PSIRT strongly recommends that administrators limit SonicOS management access to trusted sources (and/or disable management access from untrusted internet sources) by modifying the existing SonicOS management access rules (SSH/HTTPS/HTTP Management). This will only allow management access from trusted source IP addresses. Please refer to the following articles for more information on this:
> Suggested tips when allowing access to SonicWall web management
> How to restrict admin access to the device
Please refer to Sonicwall advisory for more information.