vulnerability
SonicWall SonicOS: CVE-2021-20027: SonicOS vulnerability involving improper neutralization of HTTP header resulting in unauthenticated Denial of Service (DoS)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | Jun 14, 2021 | May 25, 2026 | May 25, 2026 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
Jun 14, 2021
Added
May 25, 2026
Modified
May 25, 2026
Description
A buffer overflow vulnerability in SonicOS allows a remote attacker to cause a Denial of Service (DoS) by sending a specially crafted request. This vulnerability affects SonicOS Gen5, Gen6, Gen7 platforms, and SonicOSv virtual firewalls. SonicWall PSIRT is not aware of any active exploitation of this vulnerability in the wild. No reports of a PoC have been made public at the time of this advisory.
Solutions
sonicwall-sonicos-gen5-tz-upgrade-latestsonicwall-sonicos-gen5-nsa-upgrade-latestsonicwall-sonicos-gen6-nsa-tz-soho-w-supermassive-92xx94xx96xx-upgrade-6548-89nsonicwall-sonicos-gen6-nssp-12k-supermassive-9800-upgrade-65112-3nsonicwall-sonicos-nsv-virtual-vmwarehyper-vawsazurekvm-upgrade-654v21s-1288sonicwall-sonicos-gen7-nsa-tz-upgrade-701-r1456sonicwall-sonicos-gen7-nssp-upgrade-701-r579sonicwall-sonicos-gen7-nsv-virtual-gen7-upgrade-701-r1282
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.