Security News > 2025 > April > Sonicwall SMA100 vulnerability exploited by attackers (CVE-2021-20035)
2025-04-18 11:35
CVE-2021-20035, an old vulnerability affecting Sonicwall Secure Mobile Access (SMA) 100 series appliances, is being exploited by attackers. Sonicwall confirmed it by updating the original security advisory to reflect the new state of play, and by changing the description of the vulnerability to say that can potentially lead to code execution, instead of only to denial of service (DoS). About CVE-2021-20035) Sonicwall SMA 100 series appliances provide a unified secure access gateway optimized for small … More → The post Sonicwall SMA100 vulnerability exploited by attackers (CVE-2021-20035) appeared first on Help Net Security.
News URL
Related news
- Yet another SonicWall SMA100 vulnerability exploited in the wild (CVE-2025-32819) (source)
- WhatsApp vulnerability could be used to infect Windows users with malware (CVE-2025-30401) (source)
- FortiSwitch vulnerability may give attackers control over vulnerable devices (CVE-2024-48887) (source)
- CISA Flags Actively Exploited Vulnerability in SonicWall SMA Devices (source)
- Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054) (source)
- CVE fallout: The splintering of the standard vulnerability tracking system has begun (source)
- Critical Commvault RCE vulnerability fixed, PoC available (CVE-2025-34028) (source)
- Rack Ruby vulnerability could reveal secrets to attackers (CVE-2025-27610) (source)
- How to Automate CVE and Vulnerability Advisory Response with Tines (source)
- Attackers exploited old flaws to breach SonicWall SMA appliances (CVE-2024-38475, CVE-2023-44221) (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-27 | CVE-2021-20035 | OS Command Injection vulnerability in Sonicwall products Improper neutralization of special elements in the SMA100 management interface allows a remote authenticated attacker to inject arbitrary commands as a 'nobody' user which potentially leads to DoS. | 6.5 |