Sonicwall: >> Sma 500v Security Vulnerabilities
A potential exposure of sensitive information in log files in SonicWall SMA100 Series appliances may allow a remote, authenticated administrator, under certain conditions to view partial users credential data.
CVSS Score
4.5
EPSS Score
0.001
Published
2025-10-31
A Stack-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution.
CVSS Score
7.3
EPSS Score
0.001
Published
2025-07-23
A Heap-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-07-23
A Reflected cross-site scripting (XSS) vulnerability exists in the SMA100 series web interface, allowing a remote unauthenticated attacker to potentially execute arbitrary JavaScript code.
CVSS Score
6.1
EPSS Score
0.001
Published
2025-07-23
An authenticated arbitrary file upload vulnerability exists in the SMA 100 series web management interface. A remote attacker with administrative privileges can exploit this flaw to upload arbitrary files to the system, potentially leading to remote code execution.
CVSS Score
9.1
EPSS Score
0.002
Published
2025-07-23
A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to factory default settings.
CVSS Score
8.8
EPSS Score
0.002
Published
2025-05-07
A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges can inject a path traversal sequence to make any directory on the SMA appliance writable.
CVSS Score
8.8
EPSS Score
0.003
Published
2025-05-07
A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN admin privileges can with admin privileges can inject shell command arguments to upload a file on the appliance.
CVSS Score
7.2
EPSS Score
0.001
Published
2025-05-07
A vulnerability in the SonicWall SMA100 SSLVPN firmware 10.2.1.13-72sv and earlier versions mod_httprp library loaded by the Apache web server allows remote attackers to cause Stack-based buffer overflow and potentially lead to code execution.
CVSS Score
8.1
EPSS Score
0.005
Published
2024-12-05
A vulnerability in the SonicWall SMA100 SSLVPN web management interface allows remote attackers to cause Stack-based buffer overflow and potentially lead to code execution.
CVSS Score
8.1
EPSS Score
0.007
Published
2024-12-05
Page 1