5 matches found
PT-2026-58292
Name of the Vulnerable Software and Affected Versions SonicWall SMA1000 Appliances affected versions not specified Description A post-authentication code injection flaw exists in the SMA1000 Appliance Management Console AMC. This issue occurs due to improper control of code generation, which coul...
EUVD-2026-20902
Improper neutralization of special elements used in an SQL command “SQL Injection” in SonicWall SMA1000 series appliances allows a remote authenticated attacker with read-only administrator privileges to escalate privileges to primary administrator...
CVE-2025-40603
A potential exposure of sensitive information in log files in SonicWall SMA100 Series appliances may allow a remote, authenticated administrator, under certain conditions to view partial users credential data...
CVE-2024-53704
An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authentication. Recent assessments: remmons-r7 at January 28, 2025 3:26pm UTC reported: On January 7, 2025, SonicWall announced an authentication bypass affecting SonicOS, the...
Another Malware with Persistence
Heres a piece of Chinese malware that infects SonicWall security appliances and survives firmware updates. On Thursday, security firm Mandiant published a report that said threat actors with a suspected nexus to China were engaged in a campaign to maintain long-term persistence by running malware...