Sonicwall Sma 100 Series vulnerabilities
4 known vulnerabilities affecting sonicwall/sma_100_series.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH2MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2025-40599CRITICALCVSS 9.1v10.2.1.15-81sv and earlier versions2025-07-23
CVE-2025-40599 [CRITICAL] CWE-434 CVE-2025-40599: An authenticated arbitrary file upload vulnerability exists in the SMA 100 series web management int
An authenticated arbitrary file upload vulnerability exists in the SMA 100 series web management interface. A remote attacker with administrative privileges can exploit this flaw to upload arbitrary files to the system, potentially leading to remote code execution.
cvelistv5nvd
CVE-2025-40597HIGHCVSS 7.5v10.2.1.15-81sv and earlier versions2025-07-23
CVE-2025-40597 [HIGH] CWE-122 CVE-2025-40597: A Heap-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthe
A Heap-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution.
cvelistv5nvd
CVE-2025-40596HIGHCVSS 7.3v10.2.1.15-81sv and earlier versions2025-07-23
CVE-2025-40596 [HIGH] CWE-121 CVE-2025-40596: A Stack-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauth
A Stack-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution.
cvelistv5nvd
CVE-2025-40598MEDIUMCVSS 6.1v10.2.1.15-81sv and earlier versions2025-07-23
CVE-2025-40598 [MEDIUM] CWE-79 CVE-2025-40598: A Reflected cross-site scripting (XSS) vulnerability exists in the SMA100 series web interface, allo
A Reflected cross-site scripting (XSS) vulnerability exists in the SMA100 series web interface, allowing a remote unauthenticated attacker to potentially execute arbitrary JavaScript code.
cvelistv5nvd