Tag

#sonicwall

3 posts tagged #sonicwall.

Analysis · May 25, 2026 · Colten Anderson

SonicWall patched CVE-2024-12802 and left the bug in place on Gen6

The firmware update closes the code path but does not rewrite the LDAP config the exploit actually uses. On Gen6, that distinction is the whole vulnerability.
Analysis · May 20, 2026 · Colten Anderson

2021 was open season on SonicWall's appliances, remote access and email alike

In 2021, SonicWall's SMA/SRA remote-access appliances and its Email Security product were both hit by zero-day exploitation, by ransomware crews and APTs. Seven of those CVEs are in the catalog, several used before patches existed.
Analysis · May 20, 2026 · Colten Anderson

Akira's favorite front door is a SonicWall SSL-VPN, and it's fast

Three SonicWall bugs, CVE-2024-40766, CVE-2024-53704, and CVE-2025-23006, feed the same outcome: Akira ransomware through the SSL-VPN. In one campaign, the time from SonicWall access to encrypted files was 55 minutes. Several of these bugs walk past MFA.