CVE-2025-40599 — Unrestricted File Upload in SMA 100 Series

CWE-434 — Unrestricted File Upload4 documents4 sources

Severity

9.1CRITICALNVD

EPSS

0.3%

top 49.45%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Sonicwall SMA 210 Firmware Sonicwall SMA 410 Firmware Sonicwall SMA 500v Firmware +1 more

Timeline

PublishedJul 23

Latest updateJul 24

Description

An authenticated arbitrary file upload vulnerability exists in the SMA 100 series web management interface. A remote attacker with administrative privileges can exploit this flaw to upload arbitrary files to the system, potentially leading to remote code execution.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:HExploitability: 2.3 | Impact: 6.0

Affected Packages4 packages

▶CVEListV5sonicwall/sma_100_series10.2.1.15-81sv and earlier versions

▶NVDsonicwall/sma_210_firmware< 10.2.2.1-90sv

▶NVDsonicwall/sma_410_firmware< 10.2.2.1-90sv

▶NVDsonicwall/sma_500v_firmware< 10.2.2.1-90sv

🔴Vulnerability Details

GHSA

GHSA-9pr6-9rp3-fq9v: An authenticated arbitrary file upload vulnerability exists in the SMA 100 series web management interface↗2025-07-23

▶

CVEList

CVE-2025-40599: An authenticated arbitrary file upload vulnerability exists in the SMA 100 series web management interface↗2025-07-23

▶

🕵️Threat Intelligence

Bleepingcomputer

SonicWall urges admins to patch critical RCE flaw in SMA 100 devices↗2025-07-24

▶