34 matches found
SonicWall Fixes Actively Exploited CVE-2025-40602 in SMA 100 Appliances
SonicWall has rolled out fixes to address a security flaw in Secure Mobile Access SMA 100 series appliances that it said has been actively exploited in the wild. The vulnerability, tracked as CVE-2025-40602 CVSS score: 6.6, concerns a case of local privilege escalation that arises as a result of...
EUVD-2025-22450
Malicious code in bioql PyPI...
CVE-2025-40599
An authenticated arbitrary file upload vulnerability exists in the SMA 100 series web management interface. A remote attacker with administrative privileges can exploit this flaw to upload arbitrary files to the system, potentially leading to remote code execution...
CVE-2025-40599
An authenticated arbitrary file upload vulnerability exists in the SMA 100 series web management interface. A remote attacker with administrative privileges can exploit this flaw to upload arbitrary files to the system, potentially leading to remote code execution...
CVE-2025-40599
An authenticated arbitrary file upload vulnerability exists in the SMA 100 series web management interface. A remote attacker with administrative privileges can exploit this flaw to upload arbitrary files to the system, potentially leading to remote code execution...
CVE-2025-40599
An authenticated arbitrary file upload vulnerability exists in the SMA 100 series web management interface. A remote attacker with administrative privileges can exploit this flaw to upload arbitrary files to the system, potentially leading to remote code execution...
CVE-2025-40599
CVE-2025-40599 affects SonicWall SMA 100 Series (SMA 210/410/500v) with an authenticated arbitrary file upload in the web management interface that could lead to remote code execution. SonicWall PSIRT confirms a fix in release 10.2.2.1-90sv. THN notes additional guidance: disable remote mgmt on e...
CVE-2025-40599
An authenticated arbitrary file upload vulnerability exists in the SMA 100 series web management interface. A remote attacker with administrative privileges can exploit this flaw to upload arbitrary files to the system, potentially leading to remote code execution...
PT-2025-30578 · Unknown · Sma 100 Series
Name of the Vulnerable Software and Affected Versions: SonicWall SMA 100 Series versions 210, 410, and 500v SonicWall SMA 100 Series affected versions not specified Description: A critical authenticated arbitrary file upload vulnerability exists in the SonicWall SMA 100 series web management...
PT-2025-30594
Name of the Vulnerable Software and Affected Versions SMA100 series versions affected versions not specified Description A reflected cross-site scripting XSS vulnerability exists in the web interface, allowing a remote unauthenticated attacker to potentially execute arbitrary JavaScript code...
The vulnerability of SonicWall SMA 100 series network interface card software, related to buffer overflow in dynamic memory, allows attackers to execute arbitrary code.
The vulnerability of SonicWall SMA 100 network firewall microprogramming software is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
CVE-2023-22311
Improper access control in some IntelR OptaneTM PMem 100 Series Management Software before version 01.00.00.3547 may allow an authenticated user to potentially enable escalation of privilege via local access...
Intel Optane Pmem Security Vulnerability
Intel Optane Pmem is a memory device from Intel Corporation USA. A security vulnerability previously existed in Intel OptaneTM PMem 100 Series Management Software version 01.00.00.3547, which stemmed from improper access control. It could result in an authenticated user potentially being able to...
Malware targeting SonicWall devices could survive firmware updates
Researchers at Mandiant have identified a malware campaign targeting SonicWall SMA 100 Series appliances, thought to be of Chinese origin. The malware was likely deployed in 2021, and was able to persist on the appliances tenaciously, even surviving firmware upgrades. The malware was able to stea...
CVE-2022-22273
CVE-2022-22273 describes an OS Command Injection in end-of-life SonicWall SRA appliances and SMA 100 series firmware (SRA 8.x and SMA 9.0.0.5-19sv / 9.0.0.9-26sv and earlier). Root cause: improper neutralization of special elements. Impact: post-auth access leading to command execution with high ...
PT-2022-15319 · Unknown +1 · Sma 100 Series +1
Name of the Vulnerable Software and Affected Versions: SRA versions 8.x through 9.0.0.5-19sv SMA 100 series products versions 9.0.0.9-26sv and earlier Description: The issue is related to improper neutralization of special elements, leading to an OS Command Injection. This affects end-of-life...
SonicWall patches multiple SMA100 affected vulnerabilities
SonicWall has verified and patched vulnerabilities of critical and medium severity CVSS 5.3-9.8 in SMA 100 series appliances, which include SMA 200, 210, 400, 410 and 500v products. SMA 100 series appliances with WAF enabled are also impacted by the majority of these vulnerabilities.SonicWall...
SonicWall Issues Patches for a New Critical Flaw in SMA 100 Series Devices
Network security company SonicWall has addressed a critical security vulnerability affecting its Secure Mobile Access SMA 100 series appliances that can permit remote, unauthenticated attackers to gain administrator access on targeted devices remotely. Tracked as CVE-2021-20034, the arbitrary fil...
The vulnerability of the DOPSoft software, designed for programming Delta Electronics’ DOP-100 series operator panels, relates to buffer overflow in the stack. This allows an attacker to execute arbitrary code.
The vulnerability of the DOPSoft software, designed for programming Delta Electronics’ DOP-100 series operator panels, is related to buffer overflow in the stack. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...
Intel Optane Pmem 输入验证错误漏洞
Intel Optane Pmem is a memory device from Intel Corporation USA. An input validation error vulnerability exists in the Intel Optane Pmem device that stems from the product's lack of valid input validation. An attacker could use this vulnerability to cause a denial of service. The following produc...