Vulnerability Details CVE-2026-15409
A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface. A remote unauthenticated attacker could potentially cause the appliance to make requests to unintended location.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.014
EPSS Ranking 69.5%
CVSS Severity
CVSS v3 Score 10.0
Proposed Action
SonicWall SMA1000 Appliances contain a server-side request forgery vulnerability that could allow a remote unauthenticated attacker to potentially cause the appliance to make requests to unintended location.
Ransomware Campaign
Unknown
Products affected by CVE-2026-15409
-
cpe:2.3:a:sonicwall:sma8200v:-
-
cpe:2.3:a:sonicwall:sma8200v:12.4.3-03387
-
cpe:2.3:a:sonicwall:sma8200v:12.4.3-03434
-
cpe:2.3:a:sonicwall:sma8200v:12.5.0-02283
-
cpe:2.3:a:sonicwall:sma8200v:12.5.0-02800
-
cpe:2.3:h:sonicwall:sma6210:-
-
cpe:2.3:h:sonicwall:sma7210:-
-
cpe:2.3:o:sonicwall:sma6210_firmware:12.4.3-03245
-
cpe:2.3:o:sonicwall:sma6210_firmware:12.4.3-03434
-
cpe:2.3:o:sonicwall:sma6210_firmware:12.5.0-02283
-
cpe:2.3:o:sonicwall:sma6210_firmware:12.5.0-02624
-
cpe:2.3:o:sonicwall:sma6210_firmware:12.5.0-02800
-
cpe:2.3:o:sonicwall:sma7210_firmware:12.4.3-03245
-
cpe:2.3:o:sonicwall:sma7210_firmware:12.4.3-03434
-
cpe:2.3:o:sonicwall:sma7210_firmware:12.5.0-02283
-
cpe:2.3:o:sonicwall:sma7210_firmware:12.5.0-02624
-
cpe:2.3:o:sonicwall:sma7210_firmware:12.5.0-02800