Vulnerabilities > Sonicwall > SMA 100 Firmware > 10.2.0.8.37sv
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-05-07 | CVE-2025-32819 | Unspecified vulnerability in Sonicwall products A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to factory default settings. | 8.8 |
| 2025-05-07 | CVE-2025-32820 | Unspecified vulnerability in Sonicwall products A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges can inject a path traversal sequence to make any directory on the SMA appliance writable. | 8.8 |
| 2025-05-07 | CVE-2025-32821 | Unspecified vulnerability in Sonicwall products A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN admin privileges can with admin privileges can inject shell command arguments to upload a file on the appliance. | 7.2 |
| 2021-12-23 | CVE-2021-20049 | Information Exposure Through Discrepancy vulnerability in Sonicwall products A vulnerability in SonicWall SMA100 password change API allows a remote unauthenticated attacker to perform SMA100 username enumeration based on the server responses. | 7.5 |
| 2021-12-23 | CVE-2021-20050 | Unspecified vulnerability in Sonicwall products An Improper Access Control Vulnerability in the SMA100 series leads to multiple restricted management APIs being accessible without a user login, potentially exposing configuration meta-data. | 7.5 |