10 matches found
EUVD-2025-13910
Malicious code in bioql PyPI...
SonicWall Secure Mobile Access < 10.2.1.15-81sv (SNWLID-2025-0011)
The version of SonicWall Secure Mobile Access installed on the remote host is prior to 10.2.1.15-81sv. It is, therefore, affected by multiple vulnerabilities as referenced in the SNWLID-2025-0011 advisory: - A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user...
CVE-2025-32819
A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to factory default settings...
CVE-2025-32820
A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges can inject a path traversal sequence to make any directory on the SMA appliance writable...
CVE-2025-32820
CVE-2025-32820 affects SonicWall SMA100/10.x SSL-VPN appliances. An authenticated SSLVPN user with low privileges can inject a path traversal sequence to make any directory on the SMA writable (world-writable). Public write access to system dirs can enable follow-on abuse or facilitate privilege ...
CVE-2025-32820
A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges can inject a path traversal sequence to make any directory on the SMA appliance writable...
CVE-2025-32820
A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges can inject a path traversal sequence to make any directory on the SMA appliance writable...
CVE-2025-32819
CVE-2025-32819 affects SonicWall SMA100 series appliances. A remote, authenticated SSLVPN user can bypass path-traversal checks to delete arbitrary files, potentially rebooting the device to factory defaults. The vulnerability is fixed in SMA100 firmware 10.2.1.15-81sv (patch released May 2025). ...
CVE-2025-32819
A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to factory default settings...
PT-2025-20282 · Sma100 · Sma100
Name of the Vulnerable Software and Affected Versions: SMA100 versions 10.2.1.14-75sv and earlier Description: A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges to inject a path traversal sequence, making any directory on the SMA appliance writable...