Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2026-0400
PUBLISHED
More InfoOfficial Page
Assigner-sonicwall
Assigner Org ID-44b2ff79-1416-4492-88bb-ed0da00c7315
View Known Exploited Vulnerability (KEV) details
Published At-24 Feb, 2026 | 14:54
Updated At-24 Feb, 2026 | 15:35
Rejected At-
▼CVE Numbering Authority (CNA)

A post-authentication Format String vulnerability in SonicOS allows a remote attacker to crash a firewall.

Affected Products
Vendor
SonicWall Inc.SonicWall
Product
SonicOS
Platforms
  • Linux
  • Gen7
  • Gen8
Default Status
unknown
Versions
Affected
  • 7.0.1-5169 and older versions
  • 7.3.1-7013 and older versions
  • 8.1.0-8017 and older versions
Problem Types
TypeCWE IDDescription
CWECWE-134CWE-134 Use of Externally-Controlled Format String
Type: CWE
CWE ID: CWE-134
Description: CWE-134 Use of Externally-Controlled Format String
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
finder
Vang3lis and Heuzoo of VARAS@IIE
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0001
vendor-advisory
Hyperlink: https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0001
Resource:
vendor-advisory
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
3.14.9MEDIUM
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 4.9
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Details not found