A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN admin privileges can with admin privileges can inject shell command arguments to upload a file on the appliance.
References
Link | Resource |
---|---|
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0011 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
History
19 May 2025, 15:12
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:sonicwall:sma_400_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sma_200:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sma_410:-:*:*:*:*:*:*:* cpe:2.3:o:sonicwall:sma_410_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sma_210:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sma_400:-:*:*:*:*:*:*:* cpe:2.3:o:sonicwall:sma_100_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sonicwall:sma_210_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sma_100:-:*:*:*:*:*:*:* cpe:2.3:o:sonicwall:sma_200_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sma_500v:-:*:*:*:*:*:*:* cpe:2.3:o:sonicwall:sma_500v_firmware:*:*:*:*:*:*:*:* |
|
References | () https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0011 - Vendor Advisory | |
First Time |
Sonicwall sma 200 Firmware
Sonicwall sma 210 Sonicwall sma 500v Firmware Sonicwall sma 410 Firmware Sonicwall sma 200 Sonicwall sma 400 Sonicwall sma 400 Firmware Sonicwall Sonicwall sma 500v Sonicwall sma 410 Sonicwall sma 100 Sonicwall sma 210 Firmware Sonicwall sma 100 Firmware |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.2 |
08 May 2025, 14:39
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
07 May 2025, 19:16
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.1 |
07 May 2025, 18:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-05-07 18:15
Updated : 2025-05-19 15:12
NVD link : CVE-2025-32821
Mitre link : CVE-2025-32821
CVE.ORG link : CVE-2025-32821
JSON object : View
Products Affected
sonicwall
- sma_410_firmware
- sma_500v
- sma_100_firmware
- sma_200
- sma_410
- sma_210
- sma_500v_firmware
- sma_210_firmware
- sma_200_firmware
- sma_100
- sma_400
- sma_400_firmware
CWE
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')