Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2026-15410

Post-authentication improper control of generation of code ('Code Injection') vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) which in specific conditions could potentially enable a remote authenticated attacker as administrator to execute arbitrary OS commands.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.016
EPSS Ranking 73.8%
CVSS Severity
CVSS v3 Score 7.2
Proposed Action
SonicWall SMA1000 Appliances contain a code injection vulnerability which in specific conditions could potentially enable a remote authenticated attacker as administrator to execute arbitrary OS commands.
Ransomware Campaign
Unknown
Products affected by CVE-2026-15410


Contact Us

Shodan ® - All rights reserved