Sonicwall: >> Sma 410 Firmware Security Vulnerabilities
A Stack-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution.
CVSS Score
7.3
EPSS Score
0.001
Published
2025-07-23
A Heap-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-07-23
A Reflected cross-site scripting (XSS) vulnerability exists in the SMA100 series web interface, allowing a remote unauthenticated attacker to potentially execute arbitrary JavaScript code.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-07-23
A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to factory default settings.
CVSS Score
8.8
EPSS Score
0.004
Published
2025-05-07
A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges can inject a path traversal sequence to make any directory on the SMA appliance writable.
CVSS Score
8.8
EPSS Score
0.006
Published
2025-05-07
A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN admin privileges can with admin privileges can inject shell command arguments to upload a file on the appliance.
CVSS Score
7.2
EPSS Score
0.002
Published
2025-05-07
A vulnerability in the SonicWall SMA100 SSLVPN firmware 10.2.1.13-72sv and earlier versions mod_httprp library loaded by the Apache web server allows remote attackers to cause Stack-based buffer overflow and potentially lead to code execution.
CVSS Score
8.1
EPSS Score
0.004
Published
2024-12-05
A vulnerability in the SonicWall SMA100 SSLVPN web management interface allows remote attackers to cause Stack-based buffer overflow and potentially lead to code execution.
CVSS Score
8.1
EPSS Score
0.006
Published
2024-12-05
A vulnerability in the SonicWall SMA100 SSLVPN
firmware 10.2.1.13-72sv and earlier versions allows a remote authenticated attacker can circumvent the certificate requirement during authentication.
CVSS Score
6.3
EPSS Score
0.001
Published
2024-12-05
Use of cryptographically weak pseudo-random number generator (PRNG) vulnerability in the SonicWall SMA100 SSLVPN backup code generator that, in certain cases, can be predicted by an attacker, potentially exposing the generated secret.
CVSS Score
5.3
EPSS Score
0.001
Published
2024-12-05
Page 1