Email Security Appliance 7000 Firmware
Vulnerabilities
5
Known exploited
3
Max CVSS
9.8
Top EPSS
0.83425
Severity breakdown
Critical
2
High
1
Medium
2
Low
0
Affected version ranges
< 10.0.9.6105< 10.0.9.6177≤ 10.0.33.8195
Also matched as (raw): email_security_appliance_7000_firmware
Top vulnerabilities
CVE-2025-40604Download of Code Without Integrity Check Vulnerability in the SonicWall Email Security appliance loads root filesystem images without verifying signatures, allowing attackers with VMDK or datastore access to modify system files and gain persistent arbitrary code execution.
CVE-2021-20021A vulnerability in the SonicWall Email Security version 10.0.9.x allows an attacker to create an administrative account by sending a crafted HTTP request to the remote host.
CVE-2021-20022SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to upload an arbitrary file to the remote host.
CVE-2025-40605A Path Traversal vulnerability has been identified in the Email Security appliance allows an attacker to manipulate file system paths by injecting crafted directory-traversal sequences (such as ../) and may access files and directories outside the intended restricted path.
CVE-2021-20023SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to read an arbitrary file on the remote host.