Sonicwall Sma100
26 CVEs affecting Sonicwall Sma100. Latest disclosed: 2025-10-31. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-22395 | Medium | 6.3 | 2024-02-23 | Improper access control vulnerability has been identified in the SMA100 SSL-VPN virtual office portal, which in specific conditions could potentially enable a… |
CVE-2025-40603 | | 2025-10-31 | A potential exposure of sensitive information in log files in SonicWall SMA100 Series appliances may allow a remote, authenticated administrator, under certain… | |
CVE-2025-32821 | | 2025-05-07 | A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN admin privileges can with admin privileges can inject shell command arguments to u… | |
CVE-2025-32820 | | 2025-05-07 | A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges can inject a path traversal sequence to make any directory on the… | |
CVE-2025-32819 | | 2025-05-07 | A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges to bypass the path traversal checks and delete an arbitrary file p… | |
CVE-2024-53703 | | 2024-12-05 | A vulnerability in the SonicWall SMA100 SSLVPN firmware 10.2.1.13-72sv and earlier versions mod_httprp library loaded by the Apache web server allows remote at… | |
CVE-2024-53702 | | 2024-12-05 | Use of cryptographically weak pseudo-random number generator (PRNG) vulnerability in the SonicWall SMA100 SSLVPN backup code generator that, in certain cases… | |
CVE-2024-45319 | | 2024-12-05 | A vulnerability in the SonicWall SMA100 SSLVPN firmware 10.2.1.13-72sv and earlier versions allows a remote authenticated attacker can circumvent the certifi… | |
CVE-2024-45318 | | 2024-12-05 | A vulnerability in the SonicWall SMA100 SSLVPN web management interface allows remote attackers to cause Stack-based buffer overflow and potentially lead to co… | |
CVE-2024-40763 | | 2024-12-05 | Heap-based buffer overflow vulnerability in the SonicWall SMA100 SSLVPN due to the use of strcpy. This allows remote authenticated attackers to cause Heap-base… | |
CVE-2023-5970 | | 2023-12-05 | Improper authentication in the SMA100 SSL-VPN virtual office portal allows a remote authenticated attacker to create an identical external domain user using ac… | |
CVE-2023-44221 | | 2023-12-05 | Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative privilege to… | |
CVE-2022-2915 | | 2022-08-26 | A Heap-based Buffer Overflow vulnerability in the SonicWall SMA100 appliance allows a remote authenticated attacker to cause Denial of Service (DoS) on the app… | |
CVE-2022-1703 | | 2022-06-03 | Improper neutralization of special elements in the SonicWall SSL-VPN SMA100 series management interface allows a remote authenticated attacker to inject OS Com… | |
CVE-2021-20035 | | 2021-09-27 | Improper neutralization of special elements in the SMA100 management interface allows a remote authenticated attacker to inject arbitrary commands as a 'nobody… | |
CVE-2021-20034 | | 2021-09-27 | An improper access control vulnerability in SMA100 allows a remote unauthenticated attacker to bypass the path traversal checks and delete an arbitrary file po… | |
CVE-2021-20018 | | 2021-03-13 | A post-authenticated vulnerability in SonicWall SMA100 allows an attacker to export the configuration file to the specified email address. This vulnerability i… | |
CVE-2021-20017 | | 2021-03-13 | A post-authenticated command injection vulnerability in SonicWall SMA100 allows an authenticated attacker to execute OS commands as a 'nobody' user. This vulne… | |
CVE-2020-5146 | | 2021-01-09 | A vulnerability in SonicWall SMA100 appliance allow an authenticated management-user to perform OS command injection using HTTP POST parameters. This vulnerabi… | |
CVE-2020-5132 | | 2020-09-30 | SonicWall SSL-VPN products and SonicWall firewall SSL-VPN feature misconfiguration leads to possible DNS flaw known as domain name collision vulnerability. Whe… |