Warning: Undefined variable $comments_html in /home/u319666691/domains/cybersecurityboard.com/public_html/_template.php on line 527

SonicWall SMA1000 Vulnerability Let Attackers to Exploit Encoded URLs To Gain Internal Systems Access Remotely

SonicWall has issued a high-priority security advisory (SNWLID-2025-0010) revealing a critical Server-Side Request Forgery (SSRF) vulnerability in its SMA1000 Appliance Work Place interface. Discovered by security researcher Ronan Kervella of Bishopfox, the flaw could enable remote, unauthenticated attackers to exploit encoded URLs to trick the appliance into sending unauthorised requests to unintended destinations, potentially compromising system security. According to SonicWall’s Product Security Incident Response Team (PSIRT), this flaw in the Work Place interface could allow attackers to manipulate the appliance’s behavior, potentially accessing internal systems or external resources not intended to be reachable. The update is available for download through the MySonicWall portal (mysonicwall.com). SonicWall PSIRT strongly urges all SMA1000 users to apply the hotfix immediately to protect their systems from potential exploitation. For organizations relying on the SMA1000 for secure remote access, this vulnerability represents a significant risk. The SMA1000, part of SonicWall’s Secure Mobile Access (SMA) product line, is designed to provide secure remote access for organizations. With remote work and hybrid environments still prevalent, ensuring the security of remote access solutions like the SMA1000 is paramount. SSRF attacks can be particularly dangerous, as they may allow attackers to pivot to internal networks, access sensitive resources, or even chain the vulnerability with other exploits. The vulnerability affects SonicWall SMA1000 devices running firmware version 12.4.3-02925 (platform-hotfix) or earlier. To address the vulnerability, SonicWall has released a hotfix, version 12.4.3-02963 (platform-hotfix) and higher, which fully resolves the SSRF flaw. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. Organizations are advised to verify their SMA1000 firmware version, download the latest hotfix, and apply it as soon as possible. “By using an encoded URL, a remote unauthenticated attacker could potentially cause the appliance to make requests to unintended location.” SonicWall said. SonicWall’s swift response in releasing a hotfix demonstrates its commitment to addressing security threats, but the onus is now on administrators to act quickly.

This Cyber News was published on cybersecuritynews.com. Publication date: Fri, 16 May 2025 05:39:54 +0000

Cyber News related to SonicWall SMA1000 Vulnerability Let Attackers to Exploit Encoded URLs To Gain Internal Systems Access Remotely

SonicWall SMA1000 Vulnerability Let Attackers to Exploit Encoded URLs To Gain Internal Systems Access Remotely - SonicWall has issued a high-priority security advisory (SNWLID-2025-0010) revealing a critical Server-Side Request Forgery (SSRF) vulnerability in its SMA1000 Appliance Work Place interface. Discovered by security researcher Ronan Kervella of ...
3 months ago Cybersecuritynews.com

Vulnerability Summary for the Week of January 22, 2024 - Es PrimaryVendor - Product ajaysharma - cups easy Description A vulnerability has been reported in Cups Easy, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting vulnerability via ...
1 year ago Cisa.gov

Vulnerability Summary for the Week of January 29, 2024 - Es PrimaryVendor - Product cups easy - cups easy Description A vulnerability has been reported in Cups Easy, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting vulnerability via ...
1 year ago Cisa.gov

178K+ SonicWall Firewalls Vulnerable to DoS, RCE Attacks - Two unauthenticated denial-of-service vulnerabilities are threatening the security of SonicWall next-generation firewall devices, exposing more than 178,000 of them to both DoS as well as remote code execution attacks. SonicWall products affected are ...
1 year ago Darkreading.com CVE-2022-22274 CVE-2023-0656

Analyzing the SonicWall Custom Grub LUKS Encryption Modifications - During our initial analysis of a virtual machine image for the application, we discovered a customized LUKS encryption mechanism meant to hinder reverse engineering of the application. We were able to recover the LUKS decryption key by leveraging ...
1 year ago Securityboulevard.com

Over 178K SonicWall firewalls vulnerable to DoS, potential RCE attacks - Security researchers have found over 178,000 SonicWall next-generation firewalls with the management interface exposed online are vulnerable to denial-of-service and potential remote code execution attacks. These appliances are affected by two DoS ...
1 year ago Bleepingcomputer.com CVE-2022-22274 CVE-2023-0656

SonicWall Accelerates SASE Offerings; Acquires Proven Cloud Security Provider - PRESS RELEASE. MILPITAS, Calif. - January 3, 2024 - SonicWall, a global cybersecurity leader, today announced the acquisition of Banyan Security, a leading provider of security service edge solutions for the modern workforce. This acquisition ...
1 year ago Darkreading.com

SonicWall SMA VPN devices targeted in attacks since January - A remote code execution vulnerability affecting SonicWall Secure Mobile Access (SMA) appliances has been under active exploitation since at least January 2025, according to cybersecurity company Arctic Wolf. Days after SonicWall tagged the security ...
4 months ago Bleepingcomputer.com CVE-2021-20035

SonicWall Firewall Authentication Bypass Vulnerability Exploited in Wild - The surge in attacks follows the public release of proof-of-concept (PoC) exploit code on February 10, 2025, by researchers at Bishop Fox, amplifying risks for organizations with unpatched devices. Security analysts attribute the rapid weaponization ...
6 months ago Cybersecuritynews.com CVE-2024-53704 Akira

SonicWall Alerts that Web Content Filtering is Not Working Properly on Windows 11 22H2 - Today, security hardware manufacturer SonicWall alerted customers of a limitation of the web content filtering feature on Windows 11, version 22H2 systems. SonicWall's Capture Client is a security solution for Windows and macOS that has Endpoint ...
2 years ago Bleepingcomputer.com

180k Internet-Exposed SonicWall Firewalls Vulnerable to DoS Attacks, Possibly RCE - The majority of internet-exposed SonicWall next-generation firewall series 6 and 7 devices have not been patched against two potentially serious vulnerabilities, cybersecurity firm Bishop Fox reports. The issues, tracked as CVE-2022-22274 and ...
1 year ago Securityweek.com CVE-2022-22274 CVE-2023-0656

SonicWall urges admins to patch critical RCE flaw in SMA 100 devices - While attackers would need admin privileges for CVE-2025-40599 successful exploitation and SonicWall has yet to find evidence that this vulnerability is being actively exploited, it still warned customers to secure their devices, as SMA 100 ...
1 month ago Bleepingcomputer.com CVE-2025-40599

178,000 SonicWall firewalls are vulnerable to old DoS bugs The Register - More than 178,000 SonicWall firewalls are still vulnerable to years-old vulnerabilities, an infosec reseacher claims. A study by Jon Williams, senior security engineer at Bishop Fox, this week highlights what he refers to as weapons-grade patch ...
1 year ago Go.theregister.com CVE-2022-22274 CVE-2023-0656

SonicWall OS Command Injection Vulnerability Exploited in the Wild - “During further analysis, SonicWall and trusted security partners identified that ‘CVE-2023-44221 – Post Authentication OS Command Injection’ vulnerability is potentially being exploited in the wild,” SonicWall stated in ...
4 months ago Cybersecuritynews.com CVE-2023-44221

SonicWall: SMA100 VPN vulnerabilities now exploited in attacks - In January, SonicWall urged admins to patch a critical flaw in SMA1000 secure access gateways that was being exploited in zero-day attacks, and one month later warned of an actively exploited authentication bypass flaw in Gen 6 and Gen 7 firewalls ...
4 months ago Bleepingcomputer.com CVE-2021-20035

SonicWall SMA 100 Vulnerabilities Let Attackers Execute Arbitrary JavaScript Code - Currently, SonicWall reports no evidence of active exploitation in the wild, though the pre-authentication nature of these flaws makes immediate patching essential for maintaining network security posture. The vulnerabilities affect SMA 210, 410, and ...
1 month ago Cybersecuritynews.com

Hackers Leverage Compromised Third-Party SonicWall SSL VPN to Breach Networks - Cybersecurity researchers have uncovered a new wave of cyberattacks exploiting compromised third-party SonicWall SSL VPN appliances. Attackers are leveraging these vulnerabilities to gain unauthorized access to corporate networks, leading to data ...
1 week ago Cybersecuritynews.com CVE-2021-20016 CVE-2023-20036 UNC2447

SonicWall Firewall Vulnerability Exploited to Gain Unauthorized Network Access - Security experts emphasize that despite the significant reverse-engineering effort required to uncover the vulnerability, the exploit itself is trivial to execute, making immediate patching critical for all affected organizations. Attackers are ...
5 months ago Cybersecuritynews.com CVE-2024-53704

Apache OFBiz 0-day sees thousands of daily exploit attempts The Register - SonicWall says it has observed thousands of daily attempts to exploit an Apache OFBiz zero-day for nearly a fortnight. The near-maximum severity zero-day vuln in OfBiz, an open source ERP system with what researchers described as a surprisingly wide ...
1 year ago Go.theregister.com CVE-2023-51467 CVE-2023-49070

Apache OFBiz 0-day sees thousands of daily exploit attempts The Register - SonicWall says it has observed thousands of daily attempts to exploit an Apache OFBiz zero-day for nearly a fortnight. The near-maximum severity zero-day vuln in OFBiz, an open source ERP system with what researchers described as a surprisingly wide ...
1 year ago Packetstormsecurity.com CVE-2023-51467 CVE-2023-49070

Critical SonicWall SSL VPN Vulnerability Let Attackers Trigger DoS Attack - The vulnerability impacts a comprehensive range of Gen7 hardware firewalls, including the TZ270, TZ270W, TZ370, TZ370W, TZ470, TZ470W, TZ570, TZ570W, TZ570P, TZ670, NSa 2700, NSa 3700, NSa 4700, NSa 5700, NSa 6700, NSsp 10700, NSsp 11700, NSsp 13700, ...
1 month ago Cybersecuritynews.com CVE-2025-40600

SonicWall firewall bug targeted in attacks after PoC exploit release - On Thursday, cybersecurity company Arctic Wolf said they started detecting exploitation attempts targeting this vulnerability in attacks "shortly after the PoC was made public," confirming SonicWall's fears regarding the vulnerability's ...
6 months ago Bleepingcomputer.com CVE-2024-53704

SonicWall firewall bug leveraged in attacks after PoC exploit release - On Thursday, cybersecurity company Arctic Wolf said they started detecting exploitation attempts targeting this vulnerability in attacks "shortly after the PoC was made public," confirming SonicWall's fears regarding the vulnerability's ...
6 months ago Bleepingcomputer.com CVE-2024-53704

The Embedded Systems and The Internet of Things - The Internet of Things is a quite new concept dealing with the devices being connected to each other and communicating through the web environment. This concept is gaining its popularity amongst the embedded systems that exist - let's say - 10 or ...
1 year ago Cyberdefensemagazine.com

IT and OT cybersecurity: A holistic approach - In comparison, OT refers to the specialized systems that control physical processes and industrial operations. OT Technologies include industrial control systems, SCADA systems and programmable logic controllers that directly control physical ...
1 year ago Securityintelligence.com