CVEs-PoC/2021/CVE-2021-20050.md

### [CVE-2021-20050](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20050)
![](https://img.shields.io/static/v1?label=Product&message=SonicWall%20SMA100&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=10.2.0.8-37sv%20and%20earlier%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=10.2.1.2-24sv%20and%20earlier%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-284%3A%20Improper%20Access%20Control&color=brightgreen)

### Description

An Improper Access Control Vulnerability in the SMA100 series leads to multiple restricted management APIs being accessible without a user login, potentially exposing configuration meta-data.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/InfoSecPolkCounty/CVE2021-40444-document-Scanner
- https://github.com/Live-Hack-CVE/CVE-2021-20050
- https://github.com/RedTeamExp/CVE-2021-22005_PoC
- https://github.com/TrojanAZhen/Self_Back