CVE-2025-32819

High CVSS: 8.8

A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to factory default settings.

Vendor

Sonicwall

Product

Sma 100 Firmware

CWE

CWE-552

Yayın Tarihi

2025-05-07 18:15:42

Güncelleme

2025-05-19 15:13:46

Source Identifier

PSIRT@sonicwall.com

KEV Date Added

Kategoriler

CWE-552 Sma 100 Firmware HIGH Sonicwall 2025

Referanslar

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0011 https://old.rapid7.com/blog/post/2025/05/07/multiple-vulnerabilities-in-sonicwall-sma-100-series-2025/

Benzer Kayıtlar

Medium

CVE-2026-3439

A post-authentication Stack-based Buffer Overflow vulnerability in SonicOS certificate handling allows a remote attacker…

Medium

CVE-2026-0400

A post-authentication Format String vulnerability in SonicOS allows a remote attacker to crash a firewall.

Medium

CVE-2026-0401

A post-authentication NULL Pointer Dereference vulnerability in SonicOS allows a remote attacker to crash a firewall.

Medium

CVE-2026-0402

A post-authentication Out-of-bounds Read vulnerability in SonicOS allows a remote attacker to crash a firewall.

Medium

CVE-2026-0399

Multiple post-authentication stack-based buffer overflow vulnerabilities in the SonicOS management interface due to impr…

Medium

CVE-2025-40602

A local privilege escalation vulnerability due to insufficient authorization in the SonicWall SMA1000 appliance manageme…