CVE STALKER

CVE-2021-20038

CVSS
DESCRIPTIONA Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's mod_cgi module environment variables allows a remote unauthenticated attacker to potentially execute code as a 'nobody' user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances firmware 10.2.0.8-37sv, 10.2.1.1-19sv, 10.2.1.2-24sv and earlier versions.
HEAT SCORE463

WORDS

TWEETS

DATE TWEETS USER
2022-04-29 12:51:20🚨 NEW: CVE-2021-20038 🚨 A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's mod_cgi module… https://t.co/V2nwLTy06Q https://twitter.com/i/web/status/1520020889840070656threatintelctr
2022-04-27 23:50:30@SonicWall you might want to update SNWLID-2021-0026 given that @CISAgov has CVE-2021-20038 on their list of routin… https://t.co/IB0tYadNlD https://twitter.com/i/web/status/1519462647590113280brooksdavis
2022-02-14 02:50:05@buffaloverflow Hi Rich, is there a more stable way for CVE-2021-20038? For example, hijacking function pointers, e… https://t.co/64M7OnSbup https://twitter.com/i/web/status/1493053607255896066H4looo
2022-02-03 16:40:46CVE-2021-20038 https://t.co/u7CLauI9Zt https://attackerkb.com/topics/QyXRC1wbvC/cve-2021-20038/rapid7-analysisreverseame
2022-02-02 09:51:201. CVE-2021-44228 2. CVE-2022-0185 3. CVE-2021-40444 4. CVE-2021-35232 5. CVE-2021-20038 6. CVE-2021-45467 7. CVE-2… https://t.co/dybD6obREp https://twitter.com/i/web/status/1488810280167501831cyberthint
2022-01-28 21:40:08CVE-2021-20038 exploit activity detected from 23.95.191.205 (🇺🇸) targeting SonicWall SMA100 appliances vulnerable t… https://t.co/UeKDEITZOl https://twitter.com/i/web/status/1487178457318510593bad_packets
2022-01-28 21:10:36・CVE-2022-22587 AppleIOMobileFrameBufferのメモリ破損の脆弱性 ・CVE-2021-20038 SonicWall SMA100アプライアンススタックベースのバッファオーバーフローの脆弱性 ・… https://t.co/y5KckbMOGz https://twitter.com/i/web/status/1487168953264664576foxbook
2022-01-27 08:19:51#SonicWall SonicWall is aware of new reports of attempted exploitation against a 2021 vulnerability (CVE-2021-20038… https://t.co/iSBCeBV2r3 https://twitter.com/i/web/status/1486610077536686086dachelc
2022-01-27 08:19:29#SonicWall SonicWall patched the vulnerability (CVE-2021-20038) in early December 2021 and communicated guidance to… https://t.co/a5yGuWxbkg https://twitter.com/i/web/status/1486610078992064512dachelc
2022-01-26 23:41:0910 new OPEN, 24 new PRO (10 + 14) Gh0stRAT CnC, Win32/ClipBanker, SonicWall CVE-2021-20038 and CVE-2021-20039 sigs,… https://t.co/IGLXBy5iRv https://twitter.com/i/web/status/1486483305016999951ET_Labs
2022-01-26 23:11:50はてなブログに投稿しました #はてなブログ SonicWall製VPN製品の脆弱性 CVE-2021-20038、CVE-2021-20045 スコアが高く要注意 - ITよろづや https://t.co/VG82yARmpm https://ityorozuya.hatenablog.com/entry/2022/01/26/000000merrywhite0715
2022-01-26 20:30:28SonicWall is aware of new reports of attempted exploitation against a 2021 vulnerability (CVE-2021-20038). SonicWal… https://t.co/gKQ6W2v7Pj https://twitter.com/i/web/status/1486435556561203212SonicWall
2022-01-26 20:30:24SonicWall patched the vulnerability (CVE-2021-20038) in early December 2021 and communicated guidance to impacted c… https://t.co/DjjYHUPd1o https://twitter.com/i/web/status/1486435558587080708SonicWall
2022-01-26 15:53:35GreyNoise has observed a total of 4 unique IPs attempting to exploit CVE-2021-20038. However, we have not observed… https://t.co/9vp5IMeOjj https://twitter.com/i/web/status/1486364870874382338GreyNoiseIO
2022-01-26 15:50:37At this time GreyNoise researcher’s are unable to provide a tag that accurately captures only CVE-2021-20038 traffic.GreyNoiseIO
2022-01-26 11:40:23Hackers appear to be targeting the SonicWall vulnerability CVE-2021-20038, and while attacks observed so far have n… https://t.co/5uiejUHPWD https://twitter.com/i/web/status/1486302648550801411EduardKovacs
2022-01-26 10:47:08Threat actors are actively exploiting a critical vulnerability, CVE-2021-20038, in SonicWall Secure Mobile Access (… https://t.co/V82UcaQjgp https://twitter.com/i/web/status/1486135021786353664AlexaGm33043450
2022-01-26 09:13:11Threat actors are actively exploiting a critical vulnerability, CVE-2021-20038, in SonicWall Secure Mobile Access (… https://t.co/R7ZkuWlv6n https://twitter.com/i/web/status/1486233702652944386cybsecbot
2022-01-26 09:09:33Bad Blood Exploit for CVE-2021-20038, a stack-based buffer overflow in the httpd binary of SMA-100 series systems u… https://t.co/joAn2k881j https://twitter.com/i/web/status/1486241641375612929hack_git
2022-01-25 12:30:05Threat actors are actively exploiting a critical flaw (CVE-2021-20038) in SonicWall’s Secure Mobile Access (SMA) ga… https://t.co/GiOdSZ1xT9 https://twitter.com/i/web/status/1485952244130455554ShahriyarGourgi
2022-01-25 11:11:04JPCERT/CCから、SonicWall SMA100シリーズの脆弱性が注意喚起されました。 https://t.co/EnZHARCmoT PoCが公開さており、1月24日には( CVE-2021-20038 CVSSv3… https://t.co/aAMEk2Ctx3 https://www.jpcert.or.jp/at/2022/at220004.html https://twitter.com/i/web/status/1485908576547717123futurevuls
2022-01-25 11:00:43Exploitation in the wild of SonicWall SMA100 series (CVE-2021-20038) taking place, helped by PoC being made availab… https://t.co/Ia02orUmOp https://twitter.com/i/web/status/1485913076947902465SecAlliance
2022-01-25 09:10:08SonicWall SMA100シリーズの脆弱性 CVE-2021-20038についてPoCが公開され悪用通信も観測とのこと。 https://t.co/E5EVEoatYE 網羅性は未検証ですがWWで2万台弱、国内で1560台… https://t.co/MCnljNfaIR https://www.jpcert.or.jp/at/2022/at220004.html https://twitter.com/i/web/status/1485901775425388549nekono_naha
2022-01-25 08:00:04SMAの /lib/mod_cgi.so の修正がバグを呼んだってことか。 / “CVE-2021-20038..42: SonicWall SMA 100 Multiple Vulnerabilities (FIXED) | R… https://t.co/Jk1lVsBeJL https://twitter.com/i/web/status/1485883722713157638waiha8
2022-01-24 18:00:09Some attempts itw on CVE-2021-20038 (SonicWall SMA RCE). Also some password spraying of default passwords from the… https://t.co/cVEpbgBDZZ https://twitter.com/i/web/status/1485671824725786633buffaloverflow
2022-01-21 18:21:28Sonicwall SSL VPN nobody BOF RCE (CVE-2021-20038) https://t.co/u08kLCNOyT https://t.co/brHOcipJgr https://ift.tt/3nOHDzX https://ift.tt/3tNQWDSbuaqbot
2022-01-17 17:50:38#SANSNewsBites #CyberSecurity #Automated | CVE-2021-20038..42: SonicWall SMA 100 Multiple Vulnerabilities (FIXED) https://t.co/8pwdyGOi5J https://www.rapid7.com/blog/post/2022/01/11/cve-2021-20038-42-sonicwall-sma-100-multiple-vulnerabilities-fixed-2/hasdid
2022-01-14 07:23:12SonicWall製品の脆弱性CVE-2021-20038 PoCの検証をしたかったのですが、仮想アプライアンスのイメージデータが無償では公開されていなさそうです。kage6shadow
2022-01-13 16:58:18SonicWall SSL VPN CVE-2021-20038 exploit in the wild. It allows a remote unauthenticated attacker to potentially ex… https://t.co/V05QsBj7ZU https://twitter.com/i/web/status/1481667630121603079vFeed_IO
2022-01-13 16:58:02SonicWall SSL VPN CVE-2021-20038 exploit in the wild. It allows a remote unauthenticated attacker to potentially ex… https://t.co/OY3ARTYvCw https://twitter.com/i/web/status/1481667768231600128ToolsWatch
2022-01-12 20:17:58CVE-2021-20038 https://t.co/mEPoLXz5zw #Pentesting #CVE #Infosec https://t.co/TnugTYNxZM https://attackerkb.com/topics/QyXRC1wbvC/cve-2021-20038/rapid7-analysisptracesecurity
2022-01-12 15:53:35CVE-2021-20038 Sonicwall SSL VPN nobody BOF 远程代码执行漏洞 https://t.co/w1I2v8LNVO https://www.xxe.one/index.php?threads/147/xxe_one
2022-01-12 15:11:49Interesting analysis and exploitation of CVE-2021-20038: unauthenticated stack based buffer overflow in SonicWall S… https://t.co/JutCc267bp https://twitter.com/i/web/status/1481281603104292870payloadartist
2022-01-12 14:58:58Sonicwall SSL VPN BOF RCE (CVE-2021-20038) https://t.co/Vz5x8emt5c https://attackerkb.com/topics/QyXRC1wbvC/cve-2021-20038/rapid7-analysistheologu
2022-01-12 13:10:17Writing an Exploit for CVE-2021-20038 (SonicWall SSL VPN) https://t.co/f2hQ2s4W1d #CVE #SonicWall https://attackerkb.com/topics/QyXRC1wbvC/cve-2021-20038/rapid7-analysisaxcheron
2022-01-12 10:12:18"Sonicwall SSL VPN nobody BOF RCE (CVE-2021-20038)" Tl;Dr: GET /%04%d7%7f%bf%18%d8%7f%bf%18%d8%7f%bf%64%b8%06%08;{… https://t.co/URgCVUn3Wv https://twitter.com/i/web/status/1481204828961492996_hg8_
2022-01-12 09:40:09CVE-2021-20038..42: SonicWall SMA 100 Multiple Vulnerabilities (FIXED) | Rapid7 Blog https://t.co/IAC1hlW0ea https://www.rapid7.com/blog/post/2022/01/11/cve-2021-20038-42-sonicwall-sma-100-multiple-vulnerabilities-fixed-2/Secnewsbytes
2022-01-12 07:02:14Sonicwall SSL VPN nobody BOF RCE (CVE-2021-20038) GET /%04%d7%7f%bf%18%d8%7f%bf%18%d8%7f%bf%64%b8%06%08;{touch,/tm… https://t.co/Xe2gMb8gLw https://twitter.com/i/web/status/1481158216390426628wugeej
2022-01-12 05:20:15CVE-2021-20038..42: SonicWall SMA 100 Multiple Vulnerabilities (FIXED) https://t.co/3TThWUukAF https://www.rapid7.com/blog/post/2022/01/11/cve-2021-20038-42-sonicwall-sma-100-multiple-vulnerabilities-fixed-2/sarmentots
2022-01-12 04:35:18CVE-2021-20038ohhara_shiojiri
2022-01-11 21:40:13Writing an Exploit for CVE-2021-20038 (SonicWall SSL VPN) https://t.co/c9L52txUGZ #infosec #pentest #redteam RT @Dinosn https://www.reddit.com/r/netsec/comments/s1dtx2/writing_an_exploit_for_cve202120038_sonicwall_ssl/beingsheerazali
2022-01-11 21:40:10Writing an Exploit for CVE-2021-20038 (SonicWall SSL VPN) https://t.co/c9L52txUGZ #infosec #pentest #bugbounty @Dinosn https://www.reddit.com/r/netsec/comments/s1dtx2/writing_an_exploit_for_cve202120038_sonicwall_ssl/beingsheerazali
2022-01-11 21:01:12Critical #SonicWall #NAC Vulnerability Stems from #Apache Mods @SonicWall #CVE-2021-20038 #hacking #pentesting… https://t.co/TJxozGjRMg https://twitter.com/i/web/status/1481006757833068548misaelban
2022-01-11 20:20:23「バグ(CVE-2021-20038)は、人気のある一連のネットワークアクセス制御(NAC)システム製品で発見された5つの脆弱性の1つです。」 https://t.co/B5b8iKVlnx https://twitter.com/foxbook/status/1480997003765358592foxbook
2022-01-11 19:21:58Writing an Exploit for CVE-2021-20038 (SonicWall SSL VPN) https://t.co/p3qQK5mn2T https://www.reddit.com/r/netsec/comments/s1dtx2/writing_an_exploit_for_cve202120038_sonicwall_ssl/Dinosn
2022-01-11 15:50:29New post: "Writing an Exploit for CVE-2021-20038 (SonicWall SSL VPN)" https://t.co/lcbMkcHYMZ https://ift.tt/3feuPhCMyinfosecfeed
2022-01-11 15:00:08Writing an Exploit for CVE-2021-20038 (SonicWall SSL VPN) via /r/netsec https://t.co/F7KEADHNtV #cybersecurity #netsec #news https://ift.tt/3raA3jMCybrXx0
2022-01-11 14:31:47Writing an Exploit for CVE-2021-20038 (SonicWall SSL VPN) https://t.co/STwfmY7Efn https://attackerkb.com/topics/QyXRC1wbvC/cve-2021-20038/rapid7-analysis_r_netsec
2022-01-11 14:31:42Rapid7 Blog | CVE-2021-20038..42: SonicWall SMA 100 Multiple Vulnerabilities (FIXED) https://t.co/Dn6wxYUs2g https://stpmvt.com/3nfJsp0StopMalvertisin
2022-01-11 14:21:17ヤバいやつの詳細。 CVE-2021-20038..42: SonicWall SMA 100 Multiple Vulnerabilities (FIXED) https://t.co/RrRROmBSFQ https://t.co/hLjPd7f3mR https://www.rapid7.com/blog/post/2022/01/11/cve-2021-20038-42-sonicwall-sma-100-multiple-vulnerabilities-fixed-2/autumn_good_35
2022-01-11 14:21:12CVE-2021-20038..42: SonicWall SMA 100 Multiple Vulnerabilities (FIXED) https://t.co/pu6Vksc910 https://t.co/4aoSsYBDRX http://dlvr.it/SGwRfwAcooEdi
2022-01-11 14:17:10My favorite is CVE-2021-20038, an unauthenticated stack-based buffer overflow in the web server. I wrote a fairly d… https://t.co/G9zczxKgk5 https://twitter.com/i/web/status/1480904664665276416Junior_Baines
2022-01-11 14:15:46Building off of the AttackerKB entry, I also wrote a exploit for CVE-2021-20038 that opens up a bind shell for an a… https://t.co/72ohjGmc2a https://twitter.com/i/web/status/1480904666007359496Junior_Baines
2021-12-13 22:24:02SonicWall Urges Users to Patch Several Vulnerabilities in Secure Mobile Access Products (CVE-2021-20038) #infosec… https://t.co/yfvkU0fabm https://twitter.com/i/web/status/1470514057878851596RH_ISAC
2021-12-13 08:00:46#CyberSecurity #Security #CERT #CVE #Nist #breach #vulnerability : CVE-2021-20038 (sma_200_firmware, sma_210_firmwa… https://t.co/UFHlHQp168 https://twitter.com/i/web/status/14703013329385799714ng3n01r3
2021-12-10 15:41:59New post from https://t.co/uXvPWJy6tj (CVE-2021-20038 (sma_200_firmware, sma_210_firmware, sma_400_firmware, sma_41… https://t.co/fjZwoPKOzQ http://www.sesin.at https://twitter.com/i/web/status/1469326186450927623WolfgangSesin
2021-12-10 15:41:28New post from https://t.co/9KYxtdZjkl (CVE-2021-20038 (sma_200_firmware, sma_210_firmware, sma_400_firmware, sma_41… https://t.co/o7ODkmm7h3 http://www.sesin.at https://twitter.com/i/web/status/1469326227009945603www_sesin_at
2021-12-10 13:50:34🚨 NEW: CVE-2021-20038 🚨 A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's mod_cgi module… https://t.co/PvDXkwMof7 https://twitter.com/i/web/status/1469303273832255489threatintelctr
2021-12-09 17:20:27SonicWall Urges Users to Patch Several Vulnerabilities in Secure Mobile Access Products (CVE-2021-20038) https://t.co/6pxf6gAaCH http://ow.ly/fivx103eeElAlicePintori
2021-12-09 13:52:48SonicWall Urges Users to Patch Several Vulnerabilities in Secure Mobile Access Products (CVE-2021-20038) https://t.co/VNHZn1iSA2 http://ow.ly/tNfZ103eaYaMichal_Jarski
2021-12-09 11:40:32SonicWall Urges Users to Patch Several Vulnerabilities in Secure Mobile Access Products (CVE-2021-20038) https://t.co/2XAhobUwJY http://ow.ly/aY53103e9OlArt_Capella
2021-12-09 03:22:01SonicWall Urges Users to Patch Several Vulnerabilities in Secure Mobile Access Products (CVE-2021-20038) - https://t.co/0sANac3UXH https://www.tenable.com/blog/sonicwall-urges-users-to-patch-several-vulnerabilities-in-secure-mobile-access-products-cveka0com
2021-12-09 00:12:11The most recent advisory from #Sonicwall (CVE-2021-20038), affecting #SMA100 devices has me worried for many reason… https://t.co/veOsgIC1i4 https://twitter.com/i/web/status/1468733137723084802fancy_4n6
2021-12-08 21:02:36「SonicWallによってパッチが適用された最も重大な欠陥は、 CVE-2021-20038 とCVE-2021-20045です。これらは、スタックベースの2つの重大なバッファオーバーフローの脆弱性であり、認証されていないリモ… https://t.co/qGMzGPXY5r https://twitter.com/i/web/status/1468683107419451392foxbook
2021-12-08 14:00:56ヤバいの色々🚨🚨🚨 CVE-2021-20038 CVE-2021-20039 CVE-2021-20040 CVE-2021-20041 CVE-2021-20042 CVE-2021-20043 CVE-2021-20044… https://t.co/AigFRD7Vyl https://twitter.com/i/web/status/1468578720558772224autumn_good_35
2021-12-08 13:30:04CVE-2021-20038 shall henceforth be named Sonic Geo https://t.co/Mb77H1hTE5 https://nvd.nist.gov/vuln/detail/CVE-2021-20038vulnonym
2021-12-08 12:00:19CVE-2021-20038 https://t.co/KLWWtrIOTD https://ift.tt/3EA6kq0xanadulinux
2021-12-08 12:00:11#CyberSecurity #Security #CERT #CVE #Nist #breach #vulnerability : CVE-2021-20038 https://t.co/sQd4YviLP2 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-200384ng3n01r3
2021-12-08 11:50:31New vulnerability on the NVD: CVE-2021-20038 https://t.co/eRkE7EqoHK https://ift.tt/3EA6kq0workentin
2021-12-08 11:50:04CVE-2021-20038 A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's mod_cgi module env… https://t.co/XPeJFqQ5VL https://twitter.com/i/web/status/1468548061693677575VulmonFeeds
2021-12-08 11:40:19New vulnerability on the NVD: CVE-2021-20038 https://t.co/wsVaMR5vox https://ift.tt/3EA6kq0WesUncensored
2021-12-08 11:30:25New post from https://t.co/9KYxtdZjkl (CVE-2021-20038) has been published on https://t.co/aw4EyJOWE7 http://www.sesin.at https://www.sesin.at/2021/12/08/cve-2021-20038/www_sesin_at
2021-12-08 11:30:14New post from https://t.co/uXvPWJy6tj (CVE-2021-20038) has been published on https://t.co/GBrY5D8IbA http://www.sesin.at https://www.sesin.at/2021/12/08/cve-2021-20038/WolfgangSesin
2021-12-08 11:10:32Potentially Critical CVE Detected! CVE-2021-20038 Description: A Stack-based buffer overflow vulnerability in SMA10… https://t.co/f3CTRoJack https://twitter.com/i/web/status/1468536231264935936Robo_Alerts
2021-12-08 10:50:27CVE-2021-20038 A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's mod_cgi module environme… https://t.co/mamc69oRgz https://twitter.com/i/web/status/1468532080829214720CVEnew
2021-12-08 10:10:39CVE-2021-20038 : A Stack-based buffer overflow vulnerability in SMA100 #Apache httpd server's mod_cgi module enviro… https://t.co/ftk3ruc4Uo https://twitter.com/i/web/status/1468520972693217283CVEreport