CVE-2024-40766

CRITICAL Year: 2024
CVSS v3 Score
9.3
Critical
Weakness Type
CWE-284
View all →

Vulnerability Description

An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions.

Related Vulnerabilities

CVE-2016-0088

CRITICAL
CVSS:9.3(Critical)

Hyper-V in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 allows guest OS users to execute arbitrary code on the host OS via a crafted application, aka "Hyper-V Remote Code Exe...

CWE-2842016

CVE-2020-8028

CRITICAL
CVSS:9.3(Critical)

A Improper Access Control vulnerability in the configuration of salt of SUSE Linux Enterprise Module for SUSE Manager Server 4.1, SUSE Manager Proxy 4.0, SUSE Manager Retail Branch Server 4.0, SUSE Ma...

CWE-2842020

CVE-2022-27185

CRITICAL
CVSS:9.3(Critical)

A denial of service vulnerability exists in the confctl_set_master_wlan functionality of TCL LinkHub Mesh Wifi MS1G_00_01.00_14. A specially-crafted network packet can lead to denial of service. An at...

CWE-2842022

CVE-2022-27660

CRITICAL
CVSS:9.3(Critical)

A denial of service vulnerability exists in the confctl_set_guest_wlan functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to denial of service. An at...

CWE-2842022

CVE-2024-21364

CRITICAL
CVSS:9.3(Critical)

Microsoft Azure Site Recovery Elevation of Privilege Vulnerability

CWE-2842024

CVE-2024-11167

CRITICAL
CVSS:9.4(Critical)

An improper access control vulnerability in danny-avila/librechat versions prior to 0.7.6 allows authenticated users to delete other users' prompts via the groupid parameter. This issue occurs because...

CWE-2842024