Sonicwall

Sma100

12 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2025-40598

  • EPSS 0.05%
  • Veröffentlicht 23.07.2025 14:49:48
  • Zuletzt bearbeitet 07.08.2025 14:36:07

A Reflected cross-site scripting (XSS) vulnerability exists in the SMA100 series web interface, allowing a remote unauthenticated attacker to potentially execute arbitrary JavaScript code.

7.5

CVE-2025-40597

  • EPSS 0.08%
  • Veröffentlicht 23.07.2025 14:48:36
  • Zuletzt bearbeitet 07.08.2025 14:36:16

A Heap-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution.

7.3

CVE-2025-40596

  • EPSS 0.08%
  • Veröffentlicht 23.07.2025 14:46:24
  • Zuletzt bearbeitet 07.08.2025 14:36:26

A Stack-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution.

9.1

CVE-2025-40599

Medienbericht
  • EPSS 0.13%
  • Veröffentlicht 23.07.2025 13:13:45
  • Zuletzt bearbeitet 25.07.2025 15:29:44

An authenticated arbitrary file upload vulnerability exists in the SMA 100 series web management interface. A remote attacker with administrative privileges can exploit this flaw to upload arbitrary files to the system, potentially leading to remote ...

7.2

CVE-2025-32821

Medienbericht
  • EPSS 0.2%
  • Veröffentlicht 07.05.2025 17:22:14
  • Zuletzt bearbeitet 19.05.2025 15:12:23

A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN admin privileges can with admin privileges can inject shell command arguments to upload a file on the appliance.

8.8

CVE-2025-32820

Medienbericht
  • EPSS 0.57%
  • Veröffentlicht 07.05.2025 17:20:10
  • Zuletzt bearbeitet 19.05.2025 15:12:48

A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges can inject a path traversal sequence to make any directory on the SMA appliance writable.

8.8

CVE-2025-32819

Medienbericht Exploit
  • EPSS 0.34%
  • Veröffentlicht 07.05.2025 17:18:23
  • Zuletzt bearbeitet 19.05.2025 15:13:46

A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to factory default settings.

8.1

CVE-2024-53703

  • EPSS 0.38%
  • Veröffentlicht 05.12.2024 14:15:22
  • Zuletzt bearbeitet 05.12.2024 15:15:11

A vulnerability in the SonicWall SMA100 SSLVPN firmware 10.2.1.13-72sv and earlier versions mod_httprp library loaded by the Apache web server allows remote attackers to cause Stack-based buffer overflow and potentially lead to code execution.

8.1

CVE-2024-45318

  • EPSS 0.61%
  • Veröffentlicht 05.12.2024 14:15:21
  • Zuletzt bearbeitet 05.12.2024 17:15:11

A vulnerability in the SonicWall SMA100 SSLVPN web management interface allows remote attackers to cause Stack-based buffer overflow and potentially lead to code execution.

6.3

CVE-2024-45319

  • EPSS 0.07%
  • Veröffentlicht 05.12.2024 14:15:21
  • Zuletzt bearbeitet 05.12.2024 17:15:12

A vulnerability in the SonicWall SMA100 SSLVPN firmware 10.2.1.13-72sv and earlier versions allows a remote authenticated attacker can circumvent the certificate requirement during authentication.