2026年7月15日星期三

SonicWall SMA1000 Series Products Multiple Vulnerabilities

SonicWall SMA1000 Series Products Multiple Vulnerabilities

Release Date: 15 Jul 2026

RISK: High Risk

TYPE: Operating Systems - Networks OS

Multiple vulnerabilities were identified in SonicWall SMA1000 Series Products. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution and security restriction bypass on the targeted system.

 

Note: 

CVE-2026-15409 and CVE-2026-15410 is being exploited in the wild. For CVE-2026-15409, it is a server-side request forgery vulnerability which a remote unauthenticated attacker could potentially cause the appliance to make requests to unintended location. For CVE-2026-15410, it is a post-authentication improper control of generation of code ('Code Injection') vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) which in specific conditions could potentially enable a remote authenticated attacker as administrator to execute arbitrary OS commands. Hence, the risk level is rated as High Risk.


Impact

  • Remote Code Execution
  • Security Restriction Bypass

System / Technologies affected

  • SMA1000 Models - 6210, 7210, 8200v 
    • 12.4.3-03245, 12.4.3-03387 and 12.4.3-03434 (platform-hotfix)
    • 12.5.0-02283, 12.5.0-02624 and 12.5.0-02800 (platform-hotfix)

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:


Vulnerability Identifier


Source


Related Link

沒有留言:

發佈留言

Mozilla 產品多個漏洞

Mozilla 產品多個漏洞 發佈日期: 2026年07月15日 風險: 高度風險 類型: 用戶端 - 瀏覽器 於 Mozilla 產品發現多個...