Description
A post-authentication Path Traversal vulnerability in SonicOS allows an attacker to interact with usually restricted services.
Published: 2026-04-29
Score: 6.8 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is a path traversal flaw that exists after an attacker logs into the SonicOS device. By manipulating file paths, the attacker can reach and control services that are normally hidden or protected by the authentication layer. This allows the attacker to read or modify system configuration files and gain unauthorized access, potentially compromising confidentiality and integrity of the network infrastructure.

Affected Systems

The flaw is reported in SonicWall SonicOS, but no specific version or build numbers are listed in the CNA data. Administrators should review the SonicWall advisories to identify which firmware releases include the fix.

Risk and Exploitability

The CVSS score is 6.8, but the EPSS score is unavailable, making it unclear how often this vulnerability is exploited. The advisory does not state that the issue is in the CISA KEV catalog, so it is not known to be actively leveraged in the wild. Attackers would need to already have authenticated access to the device to exploit the path traversal; the failure to verify proper path sanitization provides a relatively low barrier to exploitation for a privileged user.

Generated by OpenCVE AI on April 30, 2026 at 03:57 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update SonicOS firmware to the latest release that contains the path traversal fix.
  • Restrict administrative access to SonicOS through network segmentation and use VPN or a dedicated management VLAN.
  • Enable and monitor logging for file access anomalies on the device to detect potential unauthorized path traversal attempts.

Generated by OpenCVE AI on April 30, 2026 at 03:57 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 30 Apr 2026 04:15:00 +0000

Type Values Removed Values Added
Title Post-Authentication Path Traversal in SonicOS Enabling Restricted Service Access

Wed, 29 Apr 2026 20:15:00 +0000

Type Values Removed Values Added
First Time appeared Sonicwall
Sonicwall sonicos
Vendors & Products Sonicwall
Sonicwall sonicos

Wed, 29 Apr 2026 17:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 6.8, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 29 Apr 2026 16:45:00 +0000

Type Values Removed Values Added
Description A post-authentication Path Traversal vulnerability in SonicOS allows an attacker to interact with usually restricted services.
Weaknesses CWE-35
References

Subscriptions

Sonicwall Sonicos
cve-icon MITRE

Status: PUBLISHED

Assigner: sonicwall

Published:

Updated: 2026-04-29T16:59:41.635Z

Reserved: 2025-10-30T10:54:31.125Z

Link: CVE-2026-0205

cve-icon Vulnrichment

Updated: 2026-04-29T16:59:34.204Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-04-29T17:16:40.480

Modified: 2026-04-30T15:11:12.703

Link: CVE-2026-0205

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-30T04:00:15Z

Weaknesses