CVE-2026-4116
Published 2026-04-09
Priority P3 (50) · high · 7.2 CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.42% (33.4th percentile)
Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN user to bypass Workplace/Connect Tunnel TOTP authentication.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sonicwall | sma | — | — |
| sonicwall | sma1000 | — | — |
| sonicwall | sma1000 | — | — |
| sonicwall | sma6200_firmware | < 12.4.3-03387 | 12.4.3-03387 |
| sonicwall | sma6200_firmware | >= 12.5.0 < 12.5.0-02624 | 12.5.0-02624 |
| sonicwall | sma6210_firmware | < 12.4.3-03387 | 12.4.3-03387 |
| sonicwall | sma6210_firmware | >= 12.5.0 < 12.5.0-02624 | 12.5.0-02624 |
| sonicwall | sma7200_firmware | < 12.4.3-03387 | 12.4.3-03387 |
| sonicwall | sma7200_firmware | >= 12.5.0 < 12.5.0-02624 | 12.5.0-02624 |
| sonicwall | sma7210_firmware | < 12.4.3-03387 | 12.4.3-03387 |
| sonicwall | sma7210_firmware | >= 12.5.0 < 12.5.0-02624 | 12.5.0-02624 |
| sonicwall | sma8200v | < 12.4.3-03387 | 12.4.3-03387 |
| sonicwall | sma8200v | >= 12.5.0 < 12.5.0-02624 | 12.5.0-02624 |
SonicWall
vendor_sonicwall · 2026-04-09 · CVSS 7.2
CVE-2026-4116 [HIGH] CWE-176
CVE-2026-4116: Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN user to bypass Workplace/Connect Tunnel TOTP authentication.
VulDB
SonicWall SMA1000 Tunnel TOTP Authentication unicode encoding (SNWLID-2026-0003 / EUVD-2026-20908)
vuldb · 2026-04-09 · CVSS 7.2
CVE-2026-4116 [HIGH]
A vulnerability was found in SonicWall SMA1000. It has been rated as critical. Affected by this vulnerability is an unknown functionality of the component Tunnel TOTP Authentication. This manipulation causes improper handling of Unicode encoding.
This vulnerability is tracked as CVE-2026-4116. The attack can be carried out remotely. No exploit exists.
GHSA
ghsa_unreviewed · 2026-04-09
CVE-2026-4116 CWE-176 GHSA-98v3-fwpf-r4w2
Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN user to bypass Workplace/Connect Tunnel TOTP authentication.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2026-04-09