Security News > 2025 > May > SonicWall Confirms Active Exploitation of Flaws Affecting Multiple Appliance Models

SonicWall Confirms Active Exploitation of Flaws Affecting Multiple Appliance Models
2025-05-01 06:22

SonicWall has revealed that two now-patched security flaws impacting its SMA100 Secure Mobile Access (SMA) appliances have been exploited in the wild. The vulnerabilities in question are listed below - CVE-2023-44221 (CVSS score: 7.2) - Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative privilege to


News URL

https://thehackernews.com/2025/05/sonicwall-confirms-active-exploitation.html

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2023-12-05 CVE-2023-44221 OS Command Injection vulnerability in Sonicwall products
Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative privilege to inject arbitrary commands as a 'nobody' user, potentially leading to OS Command Injection Vulnerability.
network
low complexity
sonicwall CWE-78
7.2
7.2

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Sonicwall 121 0 41 74 41 156