CVE-2026-0205 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	6.8 MEDIUM	ADJACENT_NETWORK	LOW	NONE	CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 3%

Affected Products (NVD)

Vendor	Product	Version
sonicwall	sonicos	𝑥 < 6.5.5.2-28n
sonicwall	sonicos	7.0.0.0 ≤ 𝑥 ≤ 7.0.1-5169
sonicwall	sonicos	7.1.1-7040 ≤ 𝑥 < 7.3.2-7010
sonicwall	sonicos	8.0.0-8035 ≤ 𝑥 < 8.2.0-8009

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-35 - Path Traversal: '.../...//'
The software uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '.../...//' (doubled triple dot slash) sequences that can resolve to a location that is outside of that directory.

References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0004