CVE-2021-20028
SonicWall Secure Remote Access (SRA) SQL Injection Vulnerability
CVSS
—
No CVSS
EPSS
30.1%
p98
KEV
YES
Mar 28, 2022
Exploit Today
79
0-100
Published: — · Last modified: —
30.1%EPSS · 30 days30.1%
2026-06-302026-07-16
Product
SonicWall / Secure Remote Access (SRA)
Vulnerability
SonicWall Secure Remote Access (SRA) SQL Injection Vulnerability
Added to KEV
Mar 28, 2022
Remediate by
Apr 18, 2022
Known ransomware use
Yes
Summary description
SonicWall Secure Remote Access (SRA) products contain an improper neutralization of a SQL Command leading to SQL injection.
Required action
The impacted product is end-of-life and should be disconnected if still in use.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-20028
No related CVEs by CWE or product.