CyberSecurityBoard
Sponsor Register Login

SonicWall SMA 100 Vulnerabilities Let Attackers Execute Arbitrary JavaScript Code

Currently, SonicWall reports no evidence of active exploitation in the wild, though the pre-authentication nature of these flaws makes immediate patching essential for maintaining network security posture. The vulnerabilities affect SMA 210, 410, and 500v models running firmware version 10.2.1.15-81sv and earlier, exposing organizations to significant security risks. The company emphasizes that SonicWall SSL VPN SMA1000 series products and SSL-VPN functionality on SonicWall firewalls remain unaffected by these security flaws. SonicWall SMA 100 series has three vulnerabilities enabling remote code execution without authentication. The security advisory reveals three distinct vulnerabilities with varying severity levels. Both buffer overflow vulnerabilities share the same CVSS vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L, indicating network-based attacks with low complexity requirements and no authentication prerequisites. This flaw enables remote, unauthenticated attackers to cause Denial of Service (DoS) conditions or potentially execute arbitrary code on affected systems. Additionally, organizations should activate the Web Application Firewall (WAF) feature on SMA100 devices to provide additional protection layers.

This Cyber News was published on cybersecuritynews.com. Publication date: Thu, 24 Jul 2025 10:15:14 +0000


Cyber News related to SonicWall SMA 100 Vulnerabilities Let Attackers Execute Arbitrary JavaScript Code

CVE-2023-53560 - In the Linux kernel, the following vulnerability has been resolved: ...
3 months ago
CVE-2022-49069 - In the Linux kernel, the following vulnerability has been resolved: ...
10 months ago
SonicWall SMA VPN devices targeted in attacks since January - A remote code execution vulnerability affecting SonicWall Secure Mobile Access (SMA) appliances has been under active exploitation since at least January 2025, according to cybersecurity company Arctic Wolf. Days after SonicWall tagged the security ...
8 months ago Bleepingcomputer.com CVE-2021-20035
SonicWall urges admins to patch critical RCE flaw in SMA 100 devices - While attackers would need admin privileges for CVE-2025-40599 successful exploitation and SonicWall has yet to find evidence that this vulnerability is being actively exploited, it still warned customers to secure their devices, as SMA 100 ...
5 months ago Bleepingcomputer.com CVE-2025-40599
SonicWall OS Command Injection Vulnerability Exploited in the Wild - “During further analysis, SonicWall and trusted security partners identified that ‘CVE-2023-44221 – Post Authentication OS Command Injection’ vulnerability is potentially being exploited in the wild,” SonicWall stated in ...
8 months ago Cybersecuritynews.com CVE-2023-44221
SonicWall SMA 100 Vulnerabilities Let Attackers Execute Arbitrary JavaScript Code - Currently, SonicWall reports no evidence of active exploitation in the wild, though the pre-authentication nature of these flaws makes immediate patching essential for maintaining network security posture. The vulnerabilities affect SMA 210, 410, and ...
5 months ago Cybersecuritynews.com
178K+ SonicWall Firewalls Vulnerable to DoS, RCE Attacks - Two unauthenticated denial-of-service vulnerabilities are threatening the security of SonicWall next-generation firewall devices, exposing more than 178,000 of them to both DoS as well as remote code execution attacks. SonicWall products affected are ...
1 year ago Darkreading.com CVE-2022-22274 CVE-2023-0656
Threat Actor Deploys Oversteer Backdoor in Ongoing SonicWall SMA Attacks - A persistent threat actor has been actively exploiting vulnerabilities in SonicWall SMA appliances by deploying the Oversteer backdoor, leading to ongoing cyberattacks. These attacks target SonicWall's Secure Mobile Access (SMA) devices, which are ...
3 months ago Darkreading.com CVE-2021-20016 UNC2447
Analyzing the SonicWall Custom Grub LUKS Encryption Modifications - During our initial analysis of a virtual machine image for the application, we discovered a customized LUKS encryption mechanism meant to hinder reverse engineering of the application. We were able to recover the LUKS decryption key by leveraging ...
2 years ago Securityboulevard.com
Over 178K SonicWall firewalls vulnerable to DoS, potential RCE attacks - Security researchers have found over 178,000 SonicWall next-generation firewalls with the management interface exposed online are vulnerable to denial-of-service and potential remote code execution attacks. These appliances are affected by two DoS ...
1 year ago Bleepingcomputer.com CVE-2022-22274 CVE-2023-0656
SonicWall SMA1000 Vulnerability Let Attackers to Exploit Encoded URLs To Gain Internal Systems Access Remotely - SonicWall has issued a high-priority security advisory (SNWLID-2025-0010) revealing a critical Server-Side Request Forgery (SSRF) vulnerability in its SMA1000 Appliance Work Place interface. Discovered by security researcher Ronan Kervella of ...
7 months ago Cybersecuritynews.com
CISA Warns of SonicWall Command Injection Vulnerability Exploited in Wild - On April 16, 2025, CISA added CVE-2021-20035, a command injection vulnerability affecting SonicWall SMA100 appliances, to its Known Exploited Vulnerabilities (KEV) Catalog after confirming evidence of active exploitation in the wild. “This ...
8 months ago Cybersecuritynews.com CVE-2021-20035
SonicWall Accelerates SASE Offerings; Acquires Proven Cloud Security Provider - PRESS RELEASE. MILPITAS, Calif. - January 3, 2024 - SonicWall, a global cybersecurity leader, today announced the acquisition of Banyan Security, a leading provider of security service edge solutions for the modern workforce. This acquisition ...
2 years ago Darkreading.com
178,000 SonicWall firewalls are vulnerable to old DoS bugs The Register - More than 178,000 SonicWall firewalls are still vulnerable to years-old vulnerabilities, an infosec reseacher claims. A study by Jon Williams, senior security engineer at Bishop Fox, this week highlights what he refers to as weapons-grade patch ...
1 year ago Go.theregister.com CVE-2022-22274 CVE-2023-0656
180k Internet-Exposed SonicWall Firewalls Vulnerable to DoS Attacks, Possibly RCE - The majority of internet-exposed SonicWall next-generation firewall series 6 and 7 devices have not been patched against two potentially serious vulnerabilities, cybersecurity firm Bishop Fox reports. The issues, tracked as CVE-2022-22274 and ...
1 year ago Securityweek.com CVE-2022-22274 CVE-2023-0656
SonicWall SMA100 OS Command Injection Vulnerability Exploited in Wild - CISA has added the SonicWall SMA100 OS Command Injection Vulnerability, tracked as CVE-2023-44221, to its Known Exploited Vulnerabilities (KEV) catalog. While specific exploitation details remain limited, security firm watchTowr reported on May 1 ...
8 months ago Cybersecuritynews.com CVE-2023-44221
SonicWall Firewall Authentication Bypass Vulnerability Exploited in Wild - The surge in attacks follows the public release of proof-of-concept (PoC) exploit code on February 10, 2025, by researchers at Bishop Fox, amplifying risks for organizations with unpatched devices. Security analysts attribute the rapid weaponization ...
10 months ago Cybersecuritynews.com CVE-2024-53704 Akira
SonicWall Alerts that Web Content Filtering is Not Working Properly on Windows 11 22H2 - Today, security hardware manufacturer SonicWall alerted customers of a limitation of the web content filtering feature on Windows 11, version 22H2 systems. SonicWall's Capture Client is a security solution for Windows and macOS that has Endpoint ...
2 years ago Bleepingcomputer.com
Hackers Leverage Compromised Third-Party SonicWall SSL VPN to Breach Networks - Cybersecurity researchers have uncovered a new wave of cyberattacks exploiting compromised third-party SonicWall SSL VPN appliances. Attackers are leveraging these vulnerabilities to gain unauthorized access to corporate networks, leading to data ...
4 months ago Cybersecuritynews.com CVE-2021-20016 CVE-2023-20036 UNC2447
SonicWall SMA devices hacked with OVERSTEP rootkit tied to ransomware - It is unclear how the hackers obtained initial access, but researchers investigating UNC6148 attacks noticed that the threat actor already had local administrator credentials on the targeted appliance. With shell access on the appliance, the threat ...
5 months ago Bleepingcomputer.com Abyss Hunters
SonicWall: SMA100 VPN vulnerabilities now exploited in attacks - In January, SonicWall urged admins to patch a critical flaw in SMA1000 secure access gateways that was being exploited in zero-day attacks, and one month later warned of an actively exploited authentication bypass flaw in Gen 6 and Gen 7 firewalls ...
8 months ago Bleepingcomputer.com CVE-2021-20035
Apache OFBiz 0-day sees thousands of daily exploit attempts The Register - SonicWall says it has observed thousands of daily attempts to exploit an Apache OFBiz zero-day for nearly a fortnight. The near-maximum severity zero-day vuln in OfBiz, an open source ERP system with what researchers described as a surprisingly wide ...
2 years ago Go.theregister.com CVE-2023-51467 CVE-2023-49070
Apache OFBiz 0-day sees thousands of daily exploit attempts The Register - SonicWall says it has observed thousands of daily attempts to exploit an Apache OFBiz zero-day for nearly a fortnight. The near-maximum severity zero-day vuln in OFBiz, an open source ERP system with what researchers described as a surprisingly wide ...
2 years ago Packetstormsecurity.com CVE-2023-51467 CVE-2023-49070
Critical SonicWall SSL VPN Vulnerability Let Attackers Trigger DoS Attack - The vulnerability impacts a comprehensive range of Gen7 hardware firewalls, including the TZ270, TZ270W, TZ370, TZ370W, TZ470, TZ470W, TZ570, TZ570W, TZ570P, TZ670, NSa 2700, NSa 3700, NSa 4700, NSa 5700, NSa 6700, NSsp 10700, NSsp 11700, NSsp 13700, ...
5 months ago Cybersecuritynews.com CVE-2025-40600
SonicWall says state-sponsored hackers behind security breach in September - In September 2023, SonicWall, a prominent cybersecurity company, disclosed a significant security breach attributed to state-sponsored hackers. The attackers exploited vulnerabilities in SonicWall's secure remote access products, impacting thousands ...
2 months ago Bleepingcomputer.com CVE-2023-3519 CVE-2023-3520 State-sponsored hackers

Latest Cyber News


    Cyber Trends (last 7 days)


    Trending Cyber News (last 7 days)