CVE-2026-4114Improper Handling of Unicode Encoding in Sma1000

CWE-176Improper Handling of Unicode Encoding4 documents4 sources
Severity
N/A
No vector
EPSS
0.0%
top 88.26%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Sonicwall Sma1000
Timeline
PublishedApr 9

Description

Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN admin to bypass AMC TOTP authentication.

Affected Packages1 packages

CVEListV5sonicwall/sma100012.4.3-03245 (platform-hotfix) and earlier versions., 12.5.0-02283 (platform-hotfix) and earlier versions.+1

🔴Vulnerability Details

3
VulDB
SonicWall SMA1000 AMC TOTP Authentication unicode encoding (SNWLID-2026-0003 / EUVD-2026-20906)2026-04-09
GHSA
GHSA-q2cw-g735-jvcc: Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN admin to bypass AMC TOTP authenticat2026-04-09
CVEList
CVE-2026-4114: Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN admin to bypass AMC TOTP authenticat2026-04-09
CVE-2026-4114 — Improper Handling of Unicode Encoding | cvebase