Home

Description

A post-authentication NULL Pointer Dereference vulnerability in SonicOS allows a remote attacker to crash a firewall.

PUBLISHED Reserved 2025-12-02 | Published 2026-02-24 | Updated 2026-02-24 | Assigner sonicwall

Problem types

CWE-476 NULL Pointer Dereference

Product status

Default status
unknown

7.0.1-5169 and older versions
affected

7.3.1-7013 and older versions
affected

8.1.0-8017 and older versions
affected

Credits

Vang3lis of VARAS@IIE finder

N3vv of Red-Shield Security Lab finder

References

psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0001 vendor-advisory

cve.org (CVE-2026-0401)

nvd.nist.gov (CVE-2026-0401)

Download JSON