
33 matches found

GithubExploit
added 2026/05/22 8:54 a.m. · 85 views

Exploit for Race Condition in Sonicwall Sma_6200_Firmware

CVE-2024-6387 CVE-2024-6387 POC Currently being edited...

CVSS 8.1 · AI score 6.4 · EPSS 0.99506
Exploits: 68

ATTACKERKB
added 2026/04/09 2:22 p.m. · 2 views

CVE-2026-4112

Improper neutralization of special elements used in an SQL command “SQL Injection” in SonicWall SMA1000 series appliances allows a remote authenticated attacker with read-only administrator privileges to escalate privileges to primary administrator...

AI score 7.1 · EPSS 0.00613
Exploits: 0 · References: 2

VulnCheck KEV
added 2025/12/17 12:00 a.m. · 7 views

VulnCheck KEV: CVE-2025-40602

A local privilege escalation vulnerability due to insufficient authorization in the SonicWall SMA1000 appliance management console AMC...

CVSS 6.6 · AI score 5.8 · EPSS 0.0191
In wild · Exploits: 1 · References: 10

The Hacker News
added 2025/09/25 5:24 p.m. · 11 views

ThreatsDay Bulletin: Rootkit Patch, Federal Breach, OnePlus SMS Leak, TikTok Scandal & More

Welcome to this week's Threatsday Bulletin — your Thursday check-in on the latest twists and turns in cybersecurity and hacking. The digital threat landscape never stands still. One week it's a critical zero-day, the next it's a wave of phishing lures or a state-backed disinformation push. Each...

CVSS 9.8 · AI score 9.7 · EPSS 0.99813
Exploits: 26

SonicWall
added 2025/07/23 3:58 p.m. · 8 views

SonicWall SMA100 Post-authentication Arbitrary File Upload vulnerability

An authenticated arbitrary file upload vulnerability exists in the SMA 100 series web management interface. A remote attacker with administrative privileges can exploit this flaw to upload arbitrary files to the system, potentially leading to remote code execution. SonicWall strongly recommends...

CVSS 9.1 · AI score 8.2 · EPSS 0.11635
Exploits: 0

CNNVD
added 2025/07/23 12:00 a.m. · 3 views

SonicWall SMA 100 Series Cross-Site Scripting Vulnerability

SonicWall SMA 100 Series is a series of remote access software from SonicWall Corporation. A cross-site scripting vulnerability exists in SonicWall SMA 100 Series that originates from reflective cross-site scripting and could lead to arbitrary JavaScript code execution...

CVSS 6.1 · AI score 7.4 · EPSS 0.53214
Exploits: 0 · References: 1

Positive Technologies
added 2025/07/23 12:00 a.m. · 5 views

PT-2025-30578 · Unknown · Sma 100 Series

Name of the Vulnerable Software and Affected Versions: SonicWall SMA 100 Series versions 210, 410, and 500v; SonicWall SMA 100 Series affected versions not specified. Description: A critical authenticated arbitrary file upload vulnerability exists in the SonicWall SMA 100 series web management...

CVSS 9.1 · AI score 9.5 · EPSS 0.11635
Exploits: 0 · References: 48

The Hacker News
added 2025/07/16 2:00 p.m. · 19 views

UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit

A threat activity cluster has been observed targeting fully-patched end-of-life SonicWall Secure Mobile Access SMA 100 series appliances as part of a campaign designed to drop a backdoor called OVERSTEP. The malicious activity, dating back to at least October 2024, has been attributed by the Goog...

CVSS 9.8 · AI score 8.9 · EPSS 0.99957
Exploits: 10

Tenable Nessus
added 2025/05/23 12:00 a.m. · 13 views

SonicWall SMA 1000 Series < 12.4.3-02963 SSRF (SNWLID-2025-0010)

The remote host is a SonicWall SMA 1000 Series device that may be affected by a server-side request forgery SSRF vulnerability. An SSRF vulnerability has been identified in the SMA1000 Appliance Work Place interface. By using an encoded URL, a remote unauthenticated attacker could potentially cau...

CVSS 7.2 · AI score 6.9 · EPSS 0.0031
Exploits: 0 · References: 2

Tenable Nessus
added 2025/05/22 12:00 a.m. · 7 views

SonicWall SMA < 10.2.1.14-75sv Unauthenticated Arbitrary File Read

SonicWall Secure Mobile Access SMA versions prior to 10.2.1.14-75sv are affected by an unauthenticated arbitrary file read vulnerability. This vulnerability allows an unauthenticated attacker to read arbitrary files on the system, potentially leading to sensitive information disclosure. No source...

CVSS 9.1 · AI score 6.9 · EPSS 0.99957
Exploits: 1 · References: 2

Rapid7 Blog
added 2025/05/07 8:18 p.m. · 25 views

Multiple vulnerabilities in SonicWall SMA 100 series (FIXED)

Overview In April of 2025, Rapid7 discovered and disclosed three new vulnerabilities affecting SonicWall Secure Mobile Access “SMA” 100 series appliances SMA 200, 210, 400, 410, 500v. These vulnerabilities are tracked as CVE-2025-32819, CVE-2025-32820, and CVE-2025-32821. An attacker with access ...

CVSS 8.8 · AI score 9.2 · EPSS 0.29415
Exploits: 1

Rapid7 Blog
added 2025/05/07 8:18 p.m. · 6 views

Multiple vulnerabilities in SonicWall SMA 100 series (FIXED)

Overview In April of 2025, Rapid7 discovered and disclosed three new vulnerabilities affecting SonicWall Secure Mobile Access “SMA” 100 series appliances SMA 200, 210, 400, 410, 500v. These vulnerabilities are tracked as CVE-2025-32819, CVE-2025-32820, and CVE-2025-32821. An attacker with access ...

CVSS 8.8 · AI score 10 · EPSS 0.29415
Exploits: 1

Information Security Automation
added 2025/05/06 3:12 p.m. · 31 views

About Remote Code Execution & Arbitrary File Reading – Apache HTTP Server (CVE-2024-38475) vulnerability

About Remote Code Execution & Arbitrary File Reading - Apache HTTP Server CVE-2024-38475 vulnerability. Improper escaping of output in mod_rewrite module leads to remote code execution or arbitrary file reading. Successful exploitation does not require authentication. Apache HTTP Server 2.4.60,...

CVSS 9.1 · AI score 8.7 · EPSS 0.99957
Exploits: 1

HackRead
added 2025/05/03 9:26 p.m. · 48 views

watchTowr Warns of Active Exploitation of SonicWall SMA 100 Devices

watchTowr reveals active exploitation of SonicWall SMA 100 vulnerabilities CVE-2024-38475 & CVE-2023-44221 potentially leading to full system takeover…...

CVSS 9.1 · AI score 9.7 · EPSS 0.99957
Exploits: 1

Tenable Nessus
added 2025/01/24 12:00 a.m. · 39 views

SonicWall SMA 1000 Series < 12.4.3-02854 Pre-authentication Remote Command Execution (SNWLID-2025-0002)

The remote host is a SonicWall SMA 1000 Series device that may be affected by a pre-authentication remote command execution vulnerability: - Pre-authentication deserialization of untrusted data vulnerability has been identified in the SMA1000 Appliance Management Console AMC and Central Managemen...

CVSS 9.8 · AI score 9.2 · EPSS 0.2236
Exploits: 1 · References: 2

BDU FSTEC
added 2024/12/10 12:00 a.m. · 3 views

The vulnerability of SonicWall SMA 100 network firewall microprogramming software, related to the use of an insecure random number generator program, allows attackers to disclose protected information.

The vulnerability of SonicWall SMA 100 network firewall microprogramming software is related to the use of a potentially insecure program for generating random numbers. Exploiting this vulnerability could allow a malicious actor to disclose protected information...

CVSS 5.3 · AI score 7.7 · EPSS 0.00341
Exploits: 0 · References: 2 · Affected Software: 6

Positive Technologies
added 2024/12/05 12:00 a.m. · 5 views

PT-2024-35812 · Sonicwall +1 · Sonicwall Sma100 Sslvpn +1

Name of the Vulnerable Software and Affected Versions: SonicWall SMA100 SSLVPN versions 10.2.1.13-72sv and earlier. Description: A problem in the mod_httprp library loaded by the Apache web server allows remote attackers to cause a stack-based buffer overflow, potentially leading to code execution...

CVSS 8.1 · AI score 9.9 · EPSS 0.12713
Exploits: 0 · References: 8

BDU FSTEC
added 2024/05/02 12:00 a.m. · 5 views

The vulnerability of the implementation of the SSL VPN technology using the micro-programming software for network interfaces of the SMA 100 series, which allows an intruder to execute any command they desire.

The vulnerability of the implementation of the SSL VPN micro-programming system for network interfaces of SONICWALL series SMA 100 exists due to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor ...

CVSS 8.3 · AI score 8.1 · EPSS 0.74933
Exploits: 0 · References: 4 · Affected Software: 6

Tenable Nessus
added 2022/09/01 12:00 a.m. · 25 views

SonicWall Secure Mobile Access (SMA) < 10.2.1.5-34sv Buffer Overflow (SNWLID-2022-0019)

The remote host is a SonicWall Secure Mobile Access SMA device with a version number 10.2.1.5-34sv. It is, therefore, affected by a buffer overflow vulnerability that allows a remote authenticated attacker to cause Denial of Service DoS on the appliance or potentially lead to code execution. Note...

CVSS 8.8 · AI score 7.9 · EPSS 0.01357
Exploits: 0 · References: 2

Positive Technologies
added 2022/08/24 12:00 a.m. · 2 views

PT-2022-4430 · Sonicwall · Sonicwall Sma 100 Series

Name of the Vulnerable Software and Affected Versions: SonicWall SMA 100 series affected versions not specified. Description: The issue is related to a disclosure of information in the SonicWall SMA 100 series firewalls' firmware. It allows a remote attacker to gain unauthorized access to protecte...

CVSS 5 · AI score 7.1
Exploits: 0 · References: 2