Critical SonicOS Vulnerability Affects SonicWall Firewall Appliances
29-Mar-22
SonicWall has published security patches to address a major flaw that may be exploited by an unauthenticated, remote attacker to execute arbitrary code and cause a denial-of-service (DoS) condition across numerous firewall appliances.
The bug, identified as CVE-2022-22274 (CVSS score: 9.4), is a stack-based buffer overflow in SonicOS’ web administration interface that might be triggered by delivering a particularly crafted HTTP request, resulting in remote code execution or denial of service.
