Vulnerability Details CVE-2026-15410
Post-authentication improper control of generation of code ('Code Injection') vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) which in specific conditions could potentially enable a remote authenticated attacker as administrator to execute arbitrary OS commands.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.016
EPSS Ranking 73.8%
CVSS Severity
CVSS v3 Score 7.2
Proposed Action
SonicWall SMA1000 Appliances contain a code injection vulnerability which in specific conditions could potentially enable a remote authenticated attacker as administrator to execute arbitrary OS commands.
Ransomware Campaign
Unknown
Products affected by CVE-2026-15410
-
cpe:2.3:a:sonicwall:sma8200v:-
-
cpe:2.3:a:sonicwall:sma8200v:12.4.3-03387
-
cpe:2.3:a:sonicwall:sma8200v:12.4.3-03434
-
cpe:2.3:a:sonicwall:sma8200v:12.5.0-02283
-
cpe:2.3:a:sonicwall:sma8200v:12.5.0-02800
-
cpe:2.3:h:sonicwall:sma6210:-
-
cpe:2.3:h:sonicwall:sma7210:-
-
cpe:2.3:o:sonicwall:sma6210_firmware:12.4.3-03245
-
cpe:2.3:o:sonicwall:sma6210_firmware:12.4.3-03434
-
cpe:2.3:o:sonicwall:sma6210_firmware:12.5.0-02283
-
cpe:2.3:o:sonicwall:sma6210_firmware:12.5.0-02624
-
cpe:2.3:o:sonicwall:sma6210_firmware:12.5.0-02800
-
cpe:2.3:o:sonicwall:sma7210_firmware:12.4.3-03245
-
cpe:2.3:o:sonicwall:sma7210_firmware:12.4.3-03434
-
cpe:2.3:o:sonicwall:sma7210_firmware:12.5.0-02283
-
cpe:2.3:o:sonicwall:sma7210_firmware:12.5.0-02624
-
cpe:2.3:o:sonicwall:sma7210_firmware:12.5.0-02800