An unauthenticated and remote adversary can consume all of the devices CPU due to crafted HTTP requests sent to SMA100 /fileshare/sonicfiles/sonicfiles resulting in a loop with unreachable exit condition. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances.
The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Sma_200_firmware | Sonicwall | 9.0.0.11-31sv (including) | 9.0.0.11-31sv (including) |
Sma_200_firmware | Sonicwall | 10.2.0.8-37sv (including) | 10.2.0.8-37sv (including) |
Sma_200_firmware | Sonicwall | 10.2.1.1-19sv (including) | 10.2.1.1-19sv (including) |