CVE-2023-5970 Information

Description

Improper authentication in the SMA100 SSL-VPN virtual office portal allows a remote authenticated attacker to create an identical external domain user using accent characters resulting in an MFA bypass.

Reference

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0018