ГлавнаяУязвимости → CVE-2025-40599
9.1критическая

CVE-2025-40599

Описание

An authenticated arbitrary file upload vulnerability exists in the SMA 100 series web management interface. A remote attacker with administrative privileges can exploit this flaw to upload arbitrary files to the system, potentially leading to remote code execution.

Затрагиваемое ПО
Sonicwall Sma 210 firmwareSonicwall Sma 210Sonicwall Sma 410 firmwareSonicwall Sma 410Sonicwall Sma 500v firmwareSonicwall Sma 500v
CVSS
Балл9.1 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Источники
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0014