I recently found two vulnerabilities in SonicWall’s Mobile Access (SMA) web interface. You can read the full disclosure here.
Useful links:
- Responsible disclosure
- CVE assigned: CVE-2021-20049, CVE-2021-20050
- SonicWall’s advisories: SNWLID-2021-0030, SNWLID-2021-0031