What is CVE-2022-1702?

CVE-2022-1702 is a vulnerability in Sonicwall Sma1000, classified under URL Redirection to Untrusted Site (Open Redirect). Published 2022-05-13.

Is CVE-2022-1702 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Open Redirect in Sonicwall Sma1000

CVE-2022-1702

SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions accept a user-controlled input that specifies a link to an external site and uses that link in a redirect which leads to Open redirection vulnerability.

Vulnerability class: Open Redirect

EPSS: 0.002 (38.2th percentile) — read the EPSS interpretation.

Affected products

Sonicwall Sma1000 — versions 12.4.0, 12.4.1

Weakness classification (CWE)

CWE-601 — URL Redirection to Untrusted Site (Open Redirect)

Public proof-of-concept exploits

ARPSyndicate/cve-scores
karimhabush/cyberowl

References

psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0009 (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2022-1702?: CVE-2022-1702 is a vulnerability in Sonicwall Sma1000, classified under URL Redirection to Untrusted Site (Open Redirect). Published 2022-05-13.
Is CVE-2022-1702 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.