Sonicwall Firewall Vpn Vulnerability Cve 2020 5135 Overview And Technical Walkthrough
CVE-2020-5135: Overview The flaw can be triggered by an unauthenticated HTTP request involving a custom protocol handler. The vulnerability leverages the HTTP/HTTPS service used for product management as well as SSL VPN remote access. This service can be exploited to cause a denial-of-service condition and possibly remote code execution. Nikita Abramov of Positive Technologies and Craig Young of Tripwire’s Vulnerability and Exposures Research Team (VERT) discovered CVE-2020-5135. This flaw affects the following versions of SonicOS: According to the researchers, the vulnerability resides in a pre-authentication and in a component SSLVPN, which is often exposed to the public internet....