Lucene search
K

34 matches found

The Hacker News
The Hacker News
added 2025/12/17 6:17 p.m.7 views

SonicWall Fixes Actively Exploited CVE-2025-40602 in SMA 100 Appliances

SonicWall has rolled out fixes to address a security flaw in Secure Mobile Access SMA 100 series appliances that it said has been actively exploited in the wild. The vulnerability, tracked as CVE-2025-40602 CVSS score: 6.6, concerns a case of local privilege escalation that arises as a result of...

9.8CVSS8.6AI score0.2236EPSS
Exploits1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-22450

Malicious code in bioql PyPI...

9.1CVSS9.1AI score0.11635EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/25 1:27 p.m.4 views

CVE-2025-40599

An authenticated arbitrary file upload vulnerability exists in the SMA 100 series web management interface. A remote attacker with administrative privileges can exploit this flaw to upload arbitrary files to the system, potentially leading to remote code execution...

9.1CVSS7.8AI score0.11635EPSS
Exploits0References1
NVD
NVD
added 2025/07/23 2:15 p.m.6 views

CVE-2025-40599

An authenticated arbitrary file upload vulnerability exists in the SMA 100 series web management interface. A remote attacker with administrative privileges can exploit this flaw to upload arbitrary files to the system, potentially leading to remote code execution...

9.1CVSS0.11635EPSS
Exploits0References1
OSV
OSV
added 2025/07/23 2:15 p.m.9 views

CVE-2025-40599

An authenticated arbitrary file upload vulnerability exists in the SMA 100 series web management interface. A remote attacker with administrative privileges can exploit this flaw to upload arbitrary files to the system, potentially leading to remote code execution...

9.1CVSS6.3AI score0.11635EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/23 1:13 p.m.4 views

CVE-2025-40599

An authenticated arbitrary file upload vulnerability exists in the SMA 100 series web management interface. A remote attacker with administrative privileges can exploit this flaw to upload arbitrary files to the system, potentially leading to remote code execution...

9.4AI score0.11635EPSS
Exploits0References1
CVE
CVE
added 2025/07/23 1:13 p.m.35 views

CVE-2025-40599

CVE-2025-40599 affects SonicWall SMA 100 Series (SMA 210/410/500v) with an authenticated arbitrary file upload in the web management interface that could lead to remote code execution. SonicWall PSIRT confirms a fix in release 10.2.2.1-90sv. THN notes additional guidance: disable remote mgmt on e...

9.1CVSS9.4AI score0.11635EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/07/23 1:13 p.m.32 views

CVE-2025-40599

An authenticated arbitrary file upload vulnerability exists in the SMA 100 series web management interface. A remote attacker with administrative privileges can exploit this flaw to upload arbitrary files to the system, potentially leading to remote code execution...

0.11635EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/07/23 12:0 a.m.5 views

PT-2025-30578 · Unknown · Sma 100 Series

Name of the Vulnerable Software and Affected Versions: SonicWall SMA 100 Series versions 210, 410, and 500v SonicWall SMA 100 Series affected versions not specified Description: A critical authenticated arbitrary file upload vulnerability exists in the SonicWall SMA 100 series web management...

9.1CVSS9.5AI score0.11635EPSS
Exploits0References48
Positive Technologies
Positive Technologies
added 2025/07/23 12:0 a.m.3 views

PT-2025-30594

Name of the Vulnerable Software and Affected Versions SMA100 series versions affected versions not specified Description A reflected cross-site scripting XSS vulnerability exists in the web interface, allowing a remote unauthenticated attacker to potentially execute arbitrary JavaScript code...

7.5CVSS7.1AI score0.56063EPSS
Exploits0References22
BDU FSTEC
BDU FSTEC
added 2024/12/10 12:0 a.m.3 views

The vulnerability of SonicWall SMA 100 series network interface card software, related to buffer overflow in dynamic memory, allows attackers to execute arbitrary code.

The vulnerability of SonicWall SMA 100 network firewall microprogramming software is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.1CVSS8.5AI score0.01043EPSS
Exploits0References2Affected Software6
OSV
OSV
added 2024/02/14 2:15 p.m.0 views

CVE-2023-22311

Improper access control in some IntelR OptaneTM PMem 100 Series Management Software before version 01.00.00.3547 may allow an authenticated user to potentially enable escalation of privilege via local access...

7.8CVSS6.6AI score
Exploits0References1
CNNVD
CNNVD
added 2024/02/14 12:0 a.m.4 views

Intel Optane Pmem Security Vulnerability

Intel Optane Pmem is a memory device from Intel Corporation USA. A security vulnerability previously existed in Intel OptaneTM PMem 100 Series Management Software version 01.00.00.3547, which stemmed from improper access control. It could result in an authenticated user potentially being able to...

7.8CVSS6.7AI score0.00167EPSS
Exploits0References2
Malwarebytes
Malwarebytes
added 2023/03/10 2:15 p.m.17 views

Malware targeting SonicWall devices could survive firmware updates

Researchers at Mandiant have identified a malware campaign targeting SonicWall SMA 100 Series appliances, thought to be of Chinese origin. The malware was likely deployed in 2021, and was able to persist on the appliances tenaciously, even surviving firmware upgrades. The malware was able to stea...

0.5AI score
Exploits0
CVE
CVE
added 2022/03/17 1:40 a.m.102 views

CVE-2022-22273

CVE-2022-22273 describes an OS Command Injection in end-of-life SonicWall SRA appliances and SMA 100 series firmware (SRA 8.x and SMA 9.0.0.5-19sv / 9.0.0.9-26sv and earlier). Root cause: improper neutralization of special elements. Impact: post-auth access leading to command execution with high ...

9.8CVSS9.6AI score0.01906EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/03/17 12:0 a.m.7 views

PT-2022-15319 · Unknown +1 · Sma 100 Series +1

Name of the Vulnerable Software and Affected Versions: SRA versions 8.x through 9.0.0.5-19sv SMA 100 series products versions 9.0.0.9-26sv and earlier Description: The issue is related to improper neutralization of special elements, leading to an OS Command Injection. This affects end-of-life...

9.8CVSS7.2AI score0.01906EPSS
Exploits0References4
SonicWall
SonicWall
added 2021/12/07 6:20 p.m.15 views

SonicWall patches multiple SMA100 affected vulnerabilities

SonicWall has verified and patched vulnerabilities of critical and medium severity CVSS 5.3-9.8 in SMA 100 series appliances, which include SMA 200, 210, 400, 410 and 500v products. SMA 100 series appliances with WAF enabled are also impacted by the majority of these vulnerabilities.SonicWall...

9.8CVSS9.6AI score0.99912EPSS
Exploits8
The Hacker News
The Hacker News
added 2021/09/25 5:39 a.m.37 views

SonicWall Issues Patches for a New Critical Flaw in SMA 100 Series Devices

Network security company SonicWall has addressed a critical security vulnerability affecting its Secure Mobile Access SMA 100 series appliances that can permit remote, unauthenticated attackers to gain administrator access on targeted devices remotely. Tracked as CVE-2021-20034, the arbitrary fil...

9.1CVSS3.1AI score0.80701EPSS
Exploits4
BDU FSTEC
BDU FSTEC
added 2021/08/27 12:0 a.m.4 views

The vulnerability of the DOPSoft software, designed for programming Delta Electronics’ DOP-100 series operator panels, relates to buffer overflow in the stack. This allows an attacker to execute arbitrary code.

The vulnerability of the DOPSoft software, designed for programming Delta Electronics’ DOP-100 series operator panels, is related to buffer overflow in the stack. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...

7.8CVSS7.9AI score0.02376EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2021/08/11 12:0 a.m.6 views

Intel Optane Pmem 输入验证错误漏洞

Intel Optane Pmem is a memory device from Intel Corporation USA. An input validation error vulnerability exists in the Intel Optane Pmem device that stems from the product's lack of valid input validation. An attacker could use this vulnerability to cause a denial of service. The following produc...

4.4CVSS5.2AI score0.00224EPSS
Exploits0References5
Rows per page
Query Builder