Vulnerability Details CVE-2025-40599
An authenticated arbitrary file upload vulnerability exists in the SMA 100 series web management interface. A remote attacker with administrative privileges can exploit this flaw to upload arbitrary files to the system, potentially leading to remote code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 38.6%
CVSS Severity
CVSS v3 Score 9.1
Products affected by CVE-2025-40599
-
cpe:2.3:h:sonicwall:sma_210:-
-
cpe:2.3:h:sonicwall:sma_410:-
-
cpe:2.3:h:sonicwall:sma_500v:-
-
cpe:2.3:o:sonicwall:sma_210_firmware:-
-
cpe:2.3:o:sonicwall:sma_210_firmware:10.2.0.0
-
cpe:2.3:o:sonicwall:sma_210_firmware:10.2.0.7-34sv
-
cpe:2.3:o:sonicwall:sma_210_firmware:10.2.0.8-37sv
-
cpe:2.3:o:sonicwall:sma_210_firmware:10.2.0.9-41sv
-
cpe:2.3:o:sonicwall:sma_210_firmware:10.2.1.0
-
cpe:2.3:o:sonicwall:sma_210_firmware:10.2.1.0-17sv
-
cpe:2.3:o:sonicwall:sma_210_firmware:10.2.1.1-19sv
-
cpe:2.3:o:sonicwall:sma_210_firmware:10.2.1.10-62sv
-
cpe:2.3:o:sonicwall:sma_210_firmware:10.2.1.11-65sv
-
cpe:2.3:o:sonicwall:sma_210_firmware:10.2.1.14-75sv
-
cpe:2.3:o:sonicwall:sma_210_firmware:10.2.1.15-81sv
-
cpe:2.3:o:sonicwall:sma_210_firmware:10.2.1.2-24sv
-
cpe:2.3:o:sonicwall:sma_210_firmware:10.2.1.4-31sv
-
cpe:2.3:o:sonicwall:sma_210_firmware:10.2.1.9-57sv
-
cpe:2.3:o:sonicwall:sma_210_firmware:8.0.0.0
-
cpe:2.3:o:sonicwall:sma_210_firmware:9.0.0.10
-
cpe:2.3:o:sonicwall:sma_210_firmware:9.0.0.10-28sv
-
cpe:2.3:o:sonicwall:sma_210_firmware:9.0.0.11-31sv
-
cpe:2.3:o:sonicwall:sma_410_firmware:-
-
cpe:2.3:o:sonicwall:sma_410_firmware:10.2.0.0
-
cpe:2.3:o:sonicwall:sma_410_firmware:10.2.0.7-34sv
-
cpe:2.3:o:sonicwall:sma_410_firmware:10.2.0.8-37sv
-
cpe:2.3:o:sonicwall:sma_410_firmware:10.2.0.9-41sv
-
cpe:2.3:o:sonicwall:sma_410_firmware:10.2.1.0
-
cpe:2.3:o:sonicwall:sma_410_firmware:10.2.1.0-17sv
-
cpe:2.3:o:sonicwall:sma_410_firmware:10.2.1.1-19sv
-
cpe:2.3:o:sonicwall:sma_410_firmware:10.2.1.10-62sv
-
cpe:2.3:o:sonicwall:sma_410_firmware:10.2.1.11-65sv
-
cpe:2.3:o:sonicwall:sma_410_firmware:10.2.1.14-75sv
-
cpe:2.3:o:sonicwall:sma_410_firmware:10.2.1.15-81sv
-
cpe:2.3:o:sonicwall:sma_410_firmware:10.2.1.2-24sv
-
cpe:2.3:o:sonicwall:sma_410_firmware:10.2.1.4-31sv
-
cpe:2.3:o:sonicwall:sma_410_firmware:10.2.1.9-57sv
-
cpe:2.3:o:sonicwall:sma_410_firmware:8.0.0.0
-
cpe:2.3:o:sonicwall:sma_410_firmware:9.0.0.10
-
cpe:2.3:o:sonicwall:sma_410_firmware:9.0.0.10-28sv
-
cpe:2.3:o:sonicwall:sma_410_firmware:9.0.0.11-31sv
-
cpe:2.3:o:sonicwall:sma_500v_firmware:-
-
cpe:2.3:o:sonicwall:sma_500v_firmware:10.2.0.8-37sv
-
cpe:2.3:o:sonicwall:sma_500v_firmware:10.2.0.9-41sv
-
cpe:2.3:o:sonicwall:sma_500v_firmware:10.2.1.1-19sv
-
cpe:2.3:o:sonicwall:sma_500v_firmware:10.2.1.10-62sv
-
cpe:2.3:o:sonicwall:sma_500v_firmware:10.2.1.11-65sv
-
cpe:2.3:o:sonicwall:sma_500v_firmware:10.2.1.14-75sv
-
cpe:2.3:o:sonicwall:sma_500v_firmware:10.2.1.15-81sv
-
cpe:2.3:o:sonicwall:sma_500v_firmware:10.2.1.2-24sv
-
cpe:2.3:o:sonicwall:sma_500v_firmware:10.2.1.4-31sv
-
cpe:2.3:o:sonicwall:sma_500v_firmware:10.2.1.9-57sv
-
cpe:2.3:o:sonicwall:sma_500v_firmware:8.0.0.0
-
cpe:2.3:o:sonicwall:sma_500v_firmware:9.0.0.10
-
cpe:2.3:o:sonicwall:sma_500v_firmware:9.0.0.10-28sv
-
cpe:2.3:o:sonicwall:sma_500v_firmware:9.0.0.11-31sv
-
cpe:2.3:o:sonicwall:sma_500v_firmware:9.0.0.9-26sv