Cyber Resilience

CVE-2024-53705

High

Published: 09 January 2025

Published
09 January 2025
Modified
15 April 2026
KEV Added
Patch
CVSS Score v3.1 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS Score 0.0014 34.3th percentile
Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-53705 is a high-severity SSRF (CWE-918) vulnerability in Sonicwall (inferred from references). Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 34.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-4 (Information Flow Enforcement) and SI-10 (Information Input Validation).

Deeper analysis

CVE-2024-53705 is a Server-Side Request Forgery (SSRF) vulnerability, classified under CWE-918, in the SonicOS SSH management interface. It affects SonicWall firewalls running SonicOS, enabling a remote attacker to establish a TCP connection to any IP address on any port when a user is logged in to the firewall's management interface. The vulnerability has a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N), indicating high integrity impact with no requirements for privileges or user interaction.

A remote, unauthenticated attacker can exploit this vulnerability over the network with low complexity once a legitimate user is authenticated to the SSH management interface. Successful exploitation allows the attacker to forge server-side requests, forging TCP connections to internal or external hosts and ports, potentially enabling network scanning, bypassing firewall rules, or accessing services not directly exposed.

SonicWall has published a detailed advisory on the vulnerability at https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0003, which security practitioners should consult for patch availability and mitigation guidance.

EU & UK References

Vulnerability details

A Server-Side Request Forgery vulnerability in the SonicOS SSH management interface allows a remote attacker to establish a TCP connection to an IP address on any port when the user is logged in to the firewall.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1046 Network Service Discovery Discovery
Adversaries may attempt to get a listing of services running on remote hosts and local network infrastructure devices, including those that may be vulnerable to remote software exploitation.
Why these techniques?

SSRF in public-facing management interface directly enables T1190; arbitrary TCP connections facilitate internal network service discovery (T1046).

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2024-13924Shared CWE-918
CVE-2026-42860Shared CWE-918
CVE-2025-25785Shared CWE-918
CVE-2026-5418Shared CWE-918
CVE-2026-45082Shared CWE-918
CVE-2026-7065Shared CWE-918
CVE-2025-55150Shared CWE-918
CVE-2025-28091Shared CWE-918
CVE-2025-1849Shared CWE-918
CVE-2025-27777Shared CWE-918

Affected Assets

Sonicwall
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly remediates the SSRF flaw in the SonicOS SSH management interface by ensuring timely identification, testing, and deployment of vendor patches as noted in the SonicWall advisory.

prevent

Validates inputs such as IP addresses and ports in the SSH management interface to prevent server-side request forgery to arbitrary destinations.

prevent

Enforces information flow control policies on the firewall to block unauthorized outbound TCP connections initiated via SSRF exploitation.

References