CVE-2026-0205 - Vulnerability Details

A post-authentication Path Traversal vulnerability in SonicOS allows an attacker to interact with usually restricted services.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Sonicwall	Nsa 2650 Nsa 2700 Nsa 2800 Nsa 3600 Nsa 3650 Nsa 3700 Nsa 3800 Nsa 4600 Nsa 4650 Nsa 4700 Nsa 4800 Nsa 5600 Nsa 5650 Nsa 5700 Nsa 5800 Nsa 6600 Nsa 6650 Nsa 6700 Nssp 10700 Nssp 11700 Nssp 13700 Nssp 15700 Nsv 270 Nsv 470 Nsv 870 Sm 9200 Sm 9250 Sm 9400 Sm 9450 Sm 9600 Sm 9650 Soho 250 Soho 250w Sohow Sonicos Tz270 Tz270w Tz280 Tz280w Tz370 Tz370w Tz380 Tz380w Tz470 Tz470w Tz480 Tz570 Tz570p Tz570w Tz580 Tz670 Tz680 Tz80 Tz 300 Tz 300p Tz 300w Tz 350 Tz 350w Tz 400 Tz 400w Tz 500 Tz 500w Tz 600 Tz 600p

Configuration 1 [-]

AND

cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:sonicwall:nsa_2650:-:::::::*
	cpe:2.3:h:sonicwall:nsa_3600:-:::::::*
	cpe:2.3:h:sonicwall:nsa_3650:-:::::::*
	cpe:2.3:h:sonicwall:nsa_4600:-:::::::*
	cpe:2.3:h:sonicwall:nsa_4650:-:::::::*
	cpe:2.3:h:sonicwall:nsa_5600:-:::::::*
	cpe:2.3:h:sonicwall:nsa_5650:-:::::::*
	cpe:2.3:h:sonicwall:nsa_6600:-:::::::*
	cpe:2.3:h:sonicwall:nsa_6650:-:::::::*
	cpe:2.3:h:sonicwall:sm_9200:-:::::::*
	cpe:2.3:h:sonicwall:sm_9250:-:::::::*
	cpe:2.3:h:sonicwall:sm_9400:-:::::::*
	cpe:2.3:h:sonicwall:sm_9450:-:::::::*
	cpe:2.3:h:sonicwall:sm_9600:-:::::::*
	cpe:2.3:h:sonicwall:sm_9650:-:::::::*
	cpe:2.3:h:sonicwall:soho_250:-:::::::*
	cpe:2.3:h:sonicwall:soho_250w:-:::::::*
	cpe:2.3:h:sonicwall:sohow:-:::::::*
	cpe:2.3:h:sonicwall:tz_300:-:::::::*
	cpe:2.3:h:sonicwall:tz_300p:-:::::::*
	cpe:2.3:h:sonicwall:tz_300w:-:::::::*
	cpe:2.3:h:sonicwall:tz_350:-:::::::*
	cpe:2.3:h:sonicwall:tz_350w:-:::::::*
	cpe:2.3:h:sonicwall:tz_400:-:::::::*
	cpe:2.3:h:sonicwall:tz_400w:-:::::::*
	cpe:2.3:h:sonicwall:tz_500:-:::::::*
	cpe:2.3:h:sonicwall:tz_500w:-:::::::*
	cpe:2.3:h:sonicwall:tz_600:-:::::::*
	cpe:2.3:h:sonicwall:tz_600p:-:::::::*

Configuration 2 [-]

AND

OR	cpe:2.3:o:sonicwall:sonicos::::::::
	cpe:2.3:o:sonicwall:sonicos::::::::

OR	cpe:2.3:h:sonicwall:nsa_2700:-:::::::*
	cpe:2.3:h:sonicwall:nsa_3700:-:::::::*
	cpe:2.3:h:sonicwall:nsa_4700:-:::::::*
	cpe:2.3:h:sonicwall:nsa_5700:-:::::::*
	cpe:2.3:h:sonicwall:nsa_6700:-:::::::*
	cpe:2.3:h:sonicwall:nssp_10700:-:::::::*
	cpe:2.3:h:sonicwall:nssp_11700:-:::::::*
	cpe:2.3:h:sonicwall:nssp_13700:-:::::::*
	cpe:2.3:h:sonicwall:nssp_15700:-:::::::*
	cpe:2.3:h:sonicwall:nsv_270:-:::::::*
	cpe:2.3:h:sonicwall:nsv_470:-:::::::*
	cpe:2.3:h:sonicwall:nsv_870:-:::::::*
	cpe:2.3:h:sonicwall:tz270:-:::::::*
	cpe:2.3:h:sonicwall:tz270w:-:::::::*
	cpe:2.3:h:sonicwall:tz370:-:::::::*
	cpe:2.3:h:sonicwall:tz370w:-:::::::*
	cpe:2.3:h:sonicwall:tz470:-:::::::*
	cpe:2.3:h:sonicwall:tz470w:-:::::::*
	cpe:2.3:h:sonicwall:tz570:-:::::::*
	cpe:2.3:h:sonicwall:tz570p:-:::::::*
	cpe:2.3:h:sonicwall:tz570w:-:::::::*
	cpe:2.3:h:sonicwall:tz670:-:::::::*

Configuration 3 [-]

AND

cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:sonicwall:nsa_2800:-:::::::*
	cpe:2.3:h:sonicwall:nsa_3800:-:::::::*
	cpe:2.3:h:sonicwall:nsa_4800:-:::::::*
	cpe:2.3:h:sonicwall:nsa_5800:-:::::::*
	cpe:2.3:h:sonicwall:tz280:-:::::::*
	cpe:2.3:h:sonicwall:tz280w:-:::::::*
	cpe:2.3:h:sonicwall:tz380:-:::::::*
	cpe:2.3:h:sonicwall:tz380w:-:::::::*
	cpe:2.3:h:sonicwall:tz480:-:::::::*
	cpe:2.3:h:sonicwall:tz580:-:::::::*
	cpe:2.3:h:sonicwall:tz680:-:::::::*
	cpe:2.3:h:sonicwall:tz80:-:::::::*

No data.

References

Link	Providers
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0004

History

Tue, 05 May 2026 16:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Sonicwall nsa 2650 Sonicwall nsa 2700 Sonicwall nsa 2800 Sonicwall nsa 3600 Sonicwall nsa 3650 Sonicwall nsa 3700 Sonicwall nsa 3800 Sonicwall nsa 4600 Sonicwall nsa 4650 Sonicwall nsa 4700 Sonicwall nsa 4800 Sonicwall nsa 5600 Sonicwall nsa 5650 Sonicwall nsa 5700 Sonicwall nsa 5800 Sonicwall nsa 6600 Sonicwall nsa 6650 Sonicwall nsa 6700 Sonicwall nssp 10700 Sonicwall nssp 11700 Sonicwall nssp 13700 Sonicwall nssp 15700 Sonicwall nsv 270 Sonicwall nsv 470 Sonicwall nsv 870 Sonicwall sm 9200 Sonicwall sm 9250 Sonicwall sm 9400 Sonicwall sm 9450 Sonicwall sm 9600 Sonicwall sm 9650 Sonicwall soho 250 Sonicwall soho 250w Sonicwall sohow Sonicwall tz270 Sonicwall tz270w Sonicwall tz280 Sonicwall tz280w Sonicwall tz370 Sonicwall tz370w Sonicwall tz380 Sonicwall tz380w Sonicwall tz470 Sonicwall tz470w Sonicwall tz480 Sonicwall tz570 Sonicwall tz570p Sonicwall tz570w Sonicwall tz580 Sonicwall tz670 Sonicwall tz680 Sonicwall tz80 Sonicwall tz 300 Sonicwall tz 300p Sonicwall tz 300w Sonicwall tz 350 Sonicwall tz 350w Sonicwall tz 400 Sonicwall tz 400w Sonicwall tz 500 Sonicwall tz 500w Sonicwall tz 600 Sonicwall tz 600p
CPEs		cpe:2.3:h:sonicwall:nsa_2650:-:::::::* cpe:2.3:h:sonicwall:nsa_2700:-:::::::* cpe:2.3:h:sonicwall:nsa_2800:-:::::::* cpe:2.3:h:sonicwall:nsa_3600:-:::::::* cpe:2.3:h:sonicwall:nsa_3650:-:::::::* cpe:2.3:h:sonicwall:nsa_3700:-:::::::* cpe:2.3:h:sonicwall:nsa_3800:-:::::::* cpe:2.3:h:sonicwall:nsa_4600:-:::::::* cpe:2.3:h:sonicwall:nsa_4650:-:::::::* cpe:2.3:h:sonicwall:nsa_4700:-:::::::* cpe:2.3:h:sonicwall:nsa_4800:-:::::::* cpe:2.3:h:sonicwall:nsa_5600:-:::::::* cpe:2.3:h:sonicwall:nsa_5650:-:::::::* cpe:2.3:h:sonicwall:nsa_5700:-:::::::* cpe:2.3:h:sonicwall:nsa_5800:-:::::::* cpe:2.3:h:sonicwall:nsa_6600:-:::::::* cpe:2.3:h:sonicwall:nsa_6650:-:::::::* cpe:2.3:h:sonicwall:nsa_6700:-:::::::* cpe:2.3:h:sonicwall:nssp_10700:-:::::::* cpe:2.3:h:sonicwall:nssp_11700:-:::::::* cpe:2.3:h:sonicwall:nssp_13700:-:::::::* cpe:2.3:h:sonicwall:nssp_15700:-:::::::* cpe:2.3:h:sonicwall:nsv_270:-:::::::* cpe:2.3:h:sonicwall:nsv_470:-:::::::* cpe:2.3:h:sonicwall:nsv_870:-:::::::* cpe:2.3:h:sonicwall:sm_9200:-:::::::* cpe:2.3:h:sonicwall:sm_9250:-:::::::* cpe:2.3:h:sonicwall:sm_9400:-:::::::* cpe:2.3:h:sonicwall:sm_9450:-:::::::* cpe:2.3:h:sonicwall:sm_9600:-:::::::* cpe:2.3:h:sonicwall:sm_9650:-:::::::* cpe:2.3:h:sonicwall:soho_250:-:::::::* cpe:2.3:h:sonicwall:soho_250w:-:::::::* cpe:2.3:h:sonicwall:sohow:-:::::::* cpe:2.3:h:sonicwall:tz270:-:::::::* cpe:2.3:h:sonicwall:tz270w:-:::::::* cpe:2.3:h:sonicwall:tz280:-:::::::* cpe:2.3:h:sonicwall:tz280w:-:::::::* cpe:2.3:h:sonicwall:tz370:-:::::::* cpe:2.3:h:sonicwall:tz370w:-:::::::* cpe:2.3:h:sonicwall:tz380:-:::::::* cpe:2.3:h:sonicwall:tz380w:-:::::::* cpe:2.3:h:sonicwall:tz470:-:::::::* cpe:2.3:h:sonicwall:tz470w:-:::::::* cpe:2.3:h:sonicwall:tz480:-:::::::* cpe:2.3:h:sonicwall:tz570:-:::::::* cpe:2.3:h:sonicwall:tz570p:-:::::::* cpe:2.3:h:sonicwall:tz570w:-:::::::* cpe:2.3:h:sonicwall:tz580:-:::::::* cpe:2.3:h:sonicwall:tz670:-:::::::* cpe:2.3:h:sonicwall:tz680:-:::::::* cpe:2.3:h:sonicwall:tz80:-:::::::* cpe:2.3:h:sonicwall:tz_300:-:::::::* cpe:2.3:h:sonicwall:tz_300p:-:::::::* cpe:2.3:h:sonicwall:tz_300w:-:::::::* cpe:2.3:h:sonicwall:tz_350:-:::::::* cpe:2.3:h:sonicwall:tz_350w:-:::::::* cpe:2.3:h:sonicwall:tz_400:-:::::::* cpe:2.3:h:sonicwall:tz_400w:-:::::::* cpe:2.3:h:sonicwall:tz_500:-:::::::* cpe:2.3:h:sonicwall:tz_500w:-:::::::* cpe:2.3:h:sonicwall:tz_600:-:::::::* cpe:2.3:h:sonicwall:tz_600p:-:::::::* cpe:2.3:o:sonicwall:sonicos::::::::
Vendors & Products		Sonicwall nsa 2650 Sonicwall nsa 2700 Sonicwall nsa 2800 Sonicwall nsa 3600 Sonicwall nsa 3650 Sonicwall nsa 3700 Sonicwall nsa 3800 Sonicwall nsa 4600 Sonicwall nsa 4650 Sonicwall nsa 4700 Sonicwall nsa 4800 Sonicwall nsa 5600 Sonicwall nsa 5650 Sonicwall nsa 5700 Sonicwall nsa 5800 Sonicwall nsa 6600 Sonicwall nsa 6650 Sonicwall nsa 6700 Sonicwall nssp 10700 Sonicwall nssp 11700 Sonicwall nssp 13700 Sonicwall nssp 15700 Sonicwall nsv 270 Sonicwall nsv 470 Sonicwall nsv 870 Sonicwall sm 9200 Sonicwall sm 9250 Sonicwall sm 9400 Sonicwall sm 9450 Sonicwall sm 9600 Sonicwall sm 9650 Sonicwall soho 250 Sonicwall soho 250w Sonicwall sohow Sonicwall tz270 Sonicwall tz270w Sonicwall tz280 Sonicwall tz280w Sonicwall tz370 Sonicwall tz370w Sonicwall tz380 Sonicwall tz380w Sonicwall tz470 Sonicwall tz470w Sonicwall tz480 Sonicwall tz570 Sonicwall tz570p Sonicwall tz570w Sonicwall tz580 Sonicwall tz670 Sonicwall tz680 Sonicwall tz80 Sonicwall tz 300 Sonicwall tz 300p Sonicwall tz 300w Sonicwall tz 350 Sonicwall tz 350w Sonicwall tz 400 Sonicwall tz 400w Sonicwall tz 500 Sonicwall tz 500w Sonicwall tz 600 Sonicwall tz 600p

Thu, 30 Apr 2026 04:15:00 +0000

Type	Values Removed	Values Added
Title		Post-Authentication Path Traversal in SonicOS Enabling Restricted Service Access

Wed, 29 Apr 2026 20:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Sonicwall Sonicwall sonicos
Vendors & Products		Sonicwall Sonicwall sonicos

Wed, 29 Apr 2026 17:15:00 +0000

Type	Values Removed	Values Added
Metrics		cvssV3_1 `{'score': 6.8, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H'}` ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 29 Apr 2026 16:45:00 +0000

Type	Values Removed	Values Added
Description		A post-authentication Path Traversal vulnerability in SonicOS allows an attacker to interact with usually restricted services.
Weaknesses		CWE-35
References		https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0004

MITRE

Status: PUBLISHED

Assigner: sonicwall

Published: 2026-04-29T16:18:45.856Z

Updated: 2026-04-29T16:59:41.635Z

Reserved: 2025-10-30T10:54:31.125Z

Link: CVE-2026-0205

Vulnrichment

Updated: 2026-04-29T16:59:34.204Z

NVD

Status : Analyzed

Published: 2026-04-29T17:16:40.480

Modified: 2026-05-05T16:12:02.093

Link: CVE-2026-0205

Redhat

No data.

Metrics

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact High

User Interaction Required

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object