Rapid7’s 2026 Global Cybersecurity Summit is now available on-demand.Watch sessions.
Rapid7

vulnerability

SonicWall SMA 100: CVE-2021-20034: Critical Arbitrary File Delete Vulnerability In SonicWall SMA 100 Series Appliances

Severity
6
CVSS
(AV:N/AC:L/Au:N/C:N/I:P/A:P)
Published
Sep 24, 2021
Added
Oct 5, 2021
Modified
Nov 26, 2021

Description

An improper access control vulnerability in SMA100 allows a remote unauthenticated attacker to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to factory default settings.

Solutions

sonicwall-sma-100-upgrade-10.2.1.1-19svsonicwall-sma-100-upgrade-10.2.0.8-37svsonicwall-sma-100-upgrade-9.0.0.11-31sv
Title
Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.