SonicWall SMA1000 vulnerabilities

11 known vulnerabilities affecting sonicwall/sma1000.

Total CVEs: 11
CISA KEV: 2 (actively exploited)
Public exploits: 0
Exploited in wild: 0

Severity breakdown: CRITICAL 1, HIGH 6, MEDIUM 2, UNKNOWN 2

Vulnerabilities

CVE-2026-4116
  Severity: HIGH (CVSS 7.2)
  Weakness: CWE-176
  Affected: 12.4.3-03245 (platform-hotfix) and earlier versions; 12.5.0-02283 (platform-hotfix) and earlier versions
  Published: 2026-04-09
  Description: Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN user to bypass Workplace/Connect Tunnel TOTP authentication.
  Sources: cvelistv5, nvd

CVE-2026-4113
  Severity: HIGH (CVSS 7.2)
  Weakness: CWE-204
  Affected: 12.4.3-03245 (platform-hotfix) and earlier versions; 12.5.0-02283 (platform-hotfix) and earlier versions
  Published: 2026-04-09
  Description: An observable response discrepancy vulnerability in the SonicWall SMA1000 series appliances allows a remote attacker to enumerate SSL VPN user credentials.
  Sources: cvelistv5, nvd

CVE-2026-4112
  Severity: UNKNOWN (no CVSS score listed)
  Weakness: CWE-89
  Affected: 12.4.3-03245 (platform-hotfix) and earlier versions; 12.5.0-02283 (platform-hotfix) and earlier versions
  Published: 2026-04-09
  Description: Improper neutralization of special elements used in an SQL command ("SQL Injection") in SonicWall SMA1000 series appliances allows a remote authenticated attacker with read-only administrator privileges to escalate privileges to primary administrator.
  Sources: cvelistv5, nvd

CVE-2026-4114
  Severity: UNKNOWN (no CVSS score listed)
  Weakness: CWE-176
  Affected: 12.4.3-03245 (platform-hotfix) and earlier versions; 12.5.0-02283 (platform-hotfix) and earlier versions
  Published: 2026-04-09
  Description: Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN admin to bypass AMC TOTP authentication.
  Sources: cvelistv5, nvd

CVE-2025-40602
  Severity: MEDIUM (CVSS 6.6)
  CISA KEV: yes
  Weakness: CWE-250
  Affected: 12.4.3-03093 (platform-hotfix) and earlier versions; 12.5.0-02002 (platform-hotfix) and earlier versions
  Published: 2025-12-18
  Description: A local privilege escalation vulnerability due to insufficient authorization in the SonicWall SMA1000 appliance management console (AMC).
  Sources: cvelistv5, nvd

CVE-2025-40595
  Severity: HIGH (CVSS 7.2)
  Weakness: CWE-918
  Affected: 12.4.3-02925 (platform-hotfix) and earlier versions
  Published: 2025-05-14
  Description: A server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface. By using an encoded URL, a remote unauthenticated attacker could potentially cause the appliance to make requests to an unintended location.
  Sources: cvelistv5, nvd

CVE-2025-2170
  Severity: HIGH (CVSS 7.2)
  Weakness: CWE-918
  Affected: 12.4.3-02907 (platform-hotfix) and earlier versions
  Published: 2025-04-30
  Description: A server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface, which in specific conditions could potentially enable a remote unauthenticated attacker to cause the appliance to make requests to an unintended location.
  Sources: cvelistv5, nvd

CVE-2025-23006
  Severity: CRITICAL (CVSS 9.8)
  CISA KEV: yes
  Weakness: CWE-502
  Affected: 12.4.3-02804 (platform-hotfix) and earlier versions
  Published: 2025-01-23
  Description: A pre-authentication deserialization of untrusted data vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC), which in specific conditions could potentially enable a remote unauthenticated attacker to execute arbitrary OS commands.
  Sources: cvelistv5, nvd

CVE-2024-45317
  Severity: HIGH (CVSS 7.5)
  Weakness: CWE-918
  Affected: 12.4.3-02676 and earlier versions
  Published: 2024-10-11
  Description: A server-side request forgery (SSRF) vulnerability in SMA1000 appliance firmware versions 12.4.3-02676 and earlier allows a remote, unauthenticated attacker to cause the SMA1000 server-side application to make requests to an unintended IP address.
  Sources: cvelistv5, nvd

CVE-2020-5132
  Severity: MEDIUM (CVSS 5.3)
  Weakness: CWE-200
  Affected: SMA1000 12.4.0-2223
  Published: 2020-09-30
  Description: SonicWall SSL-VPN products and SonicWall firewall SSL-VPN feature misconfiguration leads to a possible DNS flaw known as a domain name collision vulnerability. When users publicly display their organization's internal domain names in the SSL-VPN authentication page, an attacker with knowledge of internal domain names can potentially take advantage of
  Sources: cvelistv5, nvd

CVE-2020-5129
  Severity: HIGH (CVSS 7.5)
  Weakness: CWE-248
  Affected: 12.1.0-06411 and earlier
  Published: 2020-03-26
  Description: A vulnerability in the SonicWall SMA1000 HTTP Extraweb server allows an unauthenticated remote attacker to cause an HTTP server crash, which leads to denial of service. This vulnerability affected SMA1000 version 12.1.0-06411 and earlier.
  Sources: cvelistv5, nvd