SonicWall VPN Portal Critical Flaw (CVE-2020-5135)

From

Vert Alert

Vulnerability Description

Tripwire VERT has identified a stack-based buffer overflow in SonicWall Network Security Appliance (NSA). The flaw can be triggered by an unauthenticated HTTP request involving a custom protocol handler. The vulnerability exists within the HTTP/HTTPS service used for product management as well as SSL VPN remote access.

Read more…