SonicWall VPN Portal Vulnerable to Stack-based Buffer...

SonicWall VPN Portal Vulnerable to Stack-based Buffer Overflow Vulnerability (CVE-2020-5135)

Researchers at Tripwire’s Vulnerability and Exposure Research Team discovered a critical pre-authentication vulnerability in the VPN portal for SonicWall’s Network Security Appliance.

The vulnerability, identified as CVE-2020-5135, is a stack-based buffer overflow vulnerability. A remote, unauthenticated attacker can trigger the vulnerability by sending a specially crafted HTTP request using a custom protocol handler to a vulnerable device. It was patched by SonicWall along with 11 other vulnerabilities on October 12.

For more information about the vulnerability, including the availability of patches and Tenable product coverage, please visit our blog.

Cyber Exposure Alerts

Vulnerability Watch

Forum Discussion

SonicWall VPN Portal Vulnerable to Stack-based Buffer...

Recent Discussions

Frequently Asked Questions About Notepad++ Supply Chain Compromise

Ivanti Endpoint Manager Mobile Zero-Days Exploited (CVE-2026-1281, CVE-2026-1340)

Oracle January 2026 Critical Patch Update Addresses 158 CVEs

CVE-2025-64155: Exploit Code Released for Critical Fortinet FortiSIEM Vulnerability

Microsoft’s January 2026 Patch Tuesday Addresses 113 CVEs (CVE-2026-20805)

Americas

Europe

Asia / Australia