CVE-2026-4112
Published 2026-04-09
Priority: P3 48 · high · 7.2 (CVSS 3.1)
AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.61% (44.8th percentile)
Improper neutralization of special elements used in an SQL command (“SQL Injection”) in SonicWall SMA1000 series appliances allows a remote authenticated attacker with read-only administrator privileges to escalate privileges to primary administrator.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sonicwall | sma | — | — |
| sonicwall | sma1000 | — | — |
| sonicwall | sma1000 | — | — |
| sonicwall | sma6200_firmware | < 12.4.3-03387 | 12.4.3-03387 |
| sonicwall | sma6200_firmware | >= 12.5.0 < 12.5.0-02624 | 12.5.0-02624 |
| sonicwall | sma6210_firmware | < 12.4.3-03387 | 12.4.3-03387 |
| sonicwall | sma6210_firmware | >= 12.5.0 < 12.5.0-02624 | 12.5.0-02624 |
| sonicwall | sma7200_firmware | < 12.4.3-03387 | 12.4.3-03387 |
| sonicwall | sma7200_firmware | >= 12.5.0 < 12.5.0-02624 | 12.5.0-02624 |
| sonicwall | sma7210_firmware | < 12.4.3-03387 | 12.4.3-03387 |
| sonicwall | sma7210_firmware | >= 12.5.0 < 12.5.0-02624 | 12.5.0-02624 |
| sonicwall | sma8200v | < 12.4.3-03387 | 12.4.3-03387 |
| sonicwall | sma8200v | >= 12.5.0 < 12.5.0-02624 | 12.5.0-02624 |
SonicWall
vendor_sonicwall · 2026-04-09
CVE-2026-4112 · CWE-89
GHSA
ghsa_unreviewed · 2026-04-09
GHSA-rh6r-h796-j349 · CVE-2026-4112 · CWE-89
No detection rules found.
No public exploits indexed.
2026-04-09: Published