53 matches found

The Hacker News
added 2025/12/17 6:17 p.m. · 7 views

SonicWall Fixes Actively Exploited CVE-2025-40602 in SMA 100 Appliances

SonicWall has rolled out fixes to address a security flaw in Secure Mobile Access (SMA) 100 series appliances that it said has been actively exploited in the wild. The vulnerability, tracked as CVE-2025-40602 (CVSS score: 6.6), concerns a case of local privilege escalation that arises as a result of...

CVSS 9.8 · AI score 8.6 · EPSS 0.50073
Exploits: 1

EUVD
added 2025/10/03 8:7 p.m. · 5 views

EUVD-2025-22450

Malicious code in bioql PyPI...

CVSS 9.1 · AI score 9.1 · EPSS 0.00728
Exploits: 0 · References: 1

EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2021-7505

Malicious code in bioql PyPI...

CVSS 9.8 · AI score 9.4 · EPSS 0.00559
Exploits: 0 · References: 1

RedhatCVE
added 2025/07/25 1:27 p.m. · 3 views

CVE-2025-40599

An authenticated arbitrary file upload vulnerability exists in the SMA 100 series web management interface. A remote attacker with administrative privileges can exploit this flaw to upload arbitrary files to the system, potentially leading to remote code execution...

CVSS 9.1 · AI score 7.8 · EPSS 0.00728
Exploits: 0 · References: 1

SonicWall
added 2025/07/23 3:58 p.m. · 8 views

SonicWall SMA100 Post-authentication Arbitrary File Upload vulnerability

An authenticated arbitrary file upload vulnerability exists in the SMA 100 series web management interface. A remote attacker with administrative privileges can exploit this flaw to upload arbitrary files to the system, potentially leading to remote code execution. SonicWall strongly recommends...

CVSS 9.1 · AI score 8.2 · EPSS 0.00728
Exploits: 0

OSV
added 2025/07/23 2:15 p.m. · 3 views

CVE-2025-40599

An authenticated arbitrary file upload vulnerability exists in the SMA 100 series web management interface. A remote attacker with administrative privileges can exploit this flaw to upload arbitrary files to the system, potentially leading to remote code execution...

CVSS 9.1 · AI score 6.3 · EPSS 0.00728
Exploits: 0 · References: 1

NVD
added 2025/07/23 2:15 p.m. · 3 views

CVE-2025-40599

An authenticated arbitrary file upload vulnerability exists in the SMA 100 series web management interface. A remote attacker with administrative privileges can exploit this flaw to upload arbitrary files to the system, potentially leading to remote code execution...

CVSS 9.1 · EPSS 0.00728
Exploits: 0 · References: 1

Vulnrichment
added 2025/07/23 1:13 p.m. · 2 views

CVE-2025-40599

An authenticated arbitrary file upload vulnerability exists in the SMA 100 series web management interface. A remote attacker with administrative privileges can exploit this flaw to upload arbitrary files to the system, potentially leading to remote code execution...

AI score 9.4 · EPSS 0.00728
Exploits: 0 · References: 1

Cvelist
added 2025/07/23 1:13 p.m. · 6 views

CVE-2025-40599

An authenticated arbitrary file upload vulnerability exists in the SMA 100 series web management interface. A remote attacker with administrative privileges can exploit this flaw to upload arbitrary files to the system, potentially leading to remote code execution...

EPSS 0.00728
Exploits: 0 · References: 1

CVE
added 2025/07/23 1:13 p.m. · 27 views

CVE-2025-40599

CVE-2025-40599 affects SonicWall SMA 100 Series (SMA 210/410/500v) with an authenticated arbitrary file upload in the web management interface that could lead to remote code execution. SonicWall PSIRT confirms a fix in release 10.2.2.1-90sv. THN notes additional guidance: disable remote mgmt on e...

CVSS 9.1 · AI score 9.4 · EPSS 0.00728
Exploits: 0 · References: 1 · Affected Software: 1

Positive Technologies
added 2025/07/23 12:0 a.m. · 3 views

PT-2025-30578 · Unknown · SMA 100 Series

Name of the Vulnerable Software and Affected Versions: SonicWall SMA 100 Series versions 210, 410, and 500v SonicWall SMA 100 Series affected versions not specified Description: A critical authenticated arbitrary file upload vulnerability exists in the SonicWall SMA 100 series web management...

CVSS 9.1 · AI score 9.5 · EPSS 0.00728
Exploits: 0 · References: 48

Positive Technologies
added 2025/07/23 12:0 a.m. · 2 views

PT-2025-30594

Name of the Vulnerable Software and Affected Versions: SMA100 series versions affected versions not specified Description: A reflected cross-site scripting (XSS) vulnerability exists in the web interface, allowing a remote unauthenticated attacker to potentially execute arbitrary JavaScript code...

CVSS 7.5 · AI score 7.1 · EPSS 0.00523
Exploits: 0 · References: 22

CNNVD
added 2025/07/23 12:0 a.m. · 1 views

SonicWall SMA 100 Series Cross-Site Scripting Vulnerability

SonicWall SMA 100 Series is a series of remote access software from SonicWall Corporation. A cross-site scripting vulnerability exists in SonicWall SMA 100 Series that originates from reflective cross-site scripting and could lead to arbitrary JavaScript code execution...

CVSS 6.1 · AI score 7.4 · EPSS 0.00315
Exploits: 0 · References: 1

The Hacker News
added 2025/07/16 2:0 p.m. · 17 views

UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit

A threat activity cluster has been observed targeting fully-patched end-of-life SonicWall Secure Mobile Access (SMA) 100 series appliances as part of a campaign designed to drop a backdoor called OVERSTEP. The malicious activity, dating back to at least October 2024, has been attributed by the Goog...

CVSS 9.8 · AI score 8.9 · EPSS 0.94292
Exploits: 10

The Hacker News
added 2025/05/08 1:56 p.m. · 41 views

SonicWall Patches 3 Flaws in SMA 100 Devices Allowing Attackers to Run Code as Root

SonicWall has released patches to address three security flaws affecting SMA 100 Secure Mobile Access (SMA) appliances that could be fashioned to result in remote code execution. The vulnerabilities are listed below: CVE-2025-32819 (CVSS score: 8.8) - A vulnerability in SMA100 allows a remote...

CVSS 9.1 · AI score 10 · EPSS 0.93858
Exploits: 2

Rapid7 Blog
added 2025/05/07 8:18 p.m. · 22 views

Multiple vulnerabilities in SonicWall SMA 100 series (FIXED)

Overview: In April of 2025, Rapid7 discovered and disclosed three new vulnerabilities affecting SonicWall Secure Mobile Access (“SMA”) 100 series appliances (SMA 200, 210, 400, 410, 500v). These vulnerabilities are tracked as CVE-2025-32819, CVE-2025-32820, and CVE-2025-32821. An attacker with access ...

CVSS 8.8 · AI score 9.2 · EPSS 0.01
Exploits: 1

HackRead
added 2025/05/03 9:26 p.m. · 45 views

watchTowr Warns of Active Exploitation of SonicWall SMA 100 Devices

watchTowr reveals active exploitation of SonicWall SMA 100 vulnerabilities CVE-2024-38475 & CVE-2023-44221 potentially leading to full system takeover...

CVSS 9.1 · AI score 9.7 · EPSS 0.93858
Exploits: 1

BDU FSTEC
added 2024/12/10 12:0 a.m. · 1 views

The vulnerability of SonicWall SMA 100 network firewall microprogramming software, related to the use of an insecure random number generator program, allows attackers to disclose protected information.

The vulnerability of SonicWall SMA 100 network firewall microprogramming software is related to the use of a potentially insecure program for generating random numbers. Exploiting this vulnerability could allow a malicious actor to disclose protected information...

CVSS 5.3 · EPSS 0.00373
Exploits: 0 · References: 2 · Affected Software: 6

BDU FSTEC
added 2024/05/02 12:0 a.m. · 1 views

The vulnerability of the implementation of the SSL VPN technology using the micro-programming software for network interfaces of the SMA 100 series, which allows an intruder to execute any command they desire.

The vulnerability of the implementation of the SSL VPN micro-programming system for network interfaces of SONICWALL series SMA 100 exists due to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor ...

CVSS 8.3 · EPSS 0.93858
Exploits: 1 · References: 4 · Affected Software: 6

Malwarebytes
added 2023/03/10 2:15 p.m. · 15 views

Malware targeting SonicWall devices could survive firmware updates

Researchers at Mandiant have identified a malware campaign targeting SonicWall SMA 100 Series appliances, thought to be of Chinese origin. The malware was likely deployed in 2021, and was able to persist on the appliances tenaciously, even surviving firmware upgrades. The malware was able to stea...

AI score 0.5
Exploits: 0