Security News > 2025 > May > Attackers exploited old flaws to breach SonicWall SMA appliances (CVE-2024-38475, CVE-2023-44221)
Attackers have been using two previously known vulnerabilities (CVE-2024-38475, CVE-2023-44221) to compromise SonicWall secure mobile access devices, the vendor has confirmed by updating the associated advisories. CISA has added the two flaws to its Known Exploited Vulnerabilities catalog, and Watchtowr researchers have analyzed how they can be being chained together and have released a proof-of-concept exploit (or, as they call it, a “Detection Artefact Generator”). The exploited vulnerabilities (CVE-2024-38475, CVE-2023-44221) Sonicwall SMA100 appliances are VPN … More → The post Attackers exploited old flaws to breach SonicWall SMA appliances (CVE-2024-38475, CVE-2023-44221) appeared first on Help Net Security.
News URL
https://www.helpnetsecurity.com/2025/05/02/sonicwall-cve-2024-38475-cve-2023-44221-exploited/
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-01 | CVE-2024-38475 | Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs to filesystem locations that are permitted to be served by the server but are not intentionally/directly reachable by any URL, resulting in code execution or source code disclosure. | 0.0 |
| 2023-12-05 | CVE-2023-44221 | OS Command Injection vulnerability in Sonicwall products Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative privilege to inject arbitrary commands as a 'nobody' user, potentially leading to OS Command Injection Vulnerability. | 7.2 |