cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2025-23006,https://securityvulnerability.io/vulnerability/CVE-2025-23006,Pre-authentication Deserialization Vulnerability in SMA1000 Appliance Management Console by SonicWall,"A vulnerability exists within the SMA1000 Appliance Management Console and Central Management Console that allows for the pre-authentication deserialization of untrusted data. This flaw can potentially let a remote unauthenticated attacker execute arbitrary OS commands under specific conditions, posing a significant security risk to affected systems.",Sonicwall,Sma1000,9.8,CRITICAL,0.013690000399947166,true,2025-01-24T00:00:00.000Z,true,true,true,2025-01-23T10:40:50.000Z,false,true,false,,2025-01-23T11:37:41.148Z,3762
CVE-2024-45317,https://securityvulnerability.io/vulnerability/CVE-2024-45317,SSRF Vulnerability in SMA1000 Appliance Firmware Could Lead to Unintended IP Address Requests,"A Server-Side Request Forgery (SSRF) vulnerability in SMA1000 appliance firmware versions 12.4.3-02676 and earlier allows a remote, unauthenticated attacker to cause the SMA1000 server-side application to make requests to an unintended IP address.",Sonicwall,Sma1000,,,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-10-11T08:30:23.707Z,0
CVE-2023-0126,https://securityvulnerability.io/vulnerability/CVE-2023-0126,Path Traversal Vulnerability in SMA1000 Firmware by SonicWall,"A pre-authentication path traversal vulnerability exists in the SMA1000 firmware version 12.4.2, enabling an unauthenticated attacker to access sensitive files and directories located outside the intended web root. This flaw poses a significant security risk, as it allows for unauthorized data exposure and potential system compromise.",SonicWall,SonicWall SMA1000,7.5,HIGH,0.24744999408721924,false,,false,false,false,,,false,false,,2023-01-19T00:00:00.000Z,0
CVE-2022-22282,https://securityvulnerability.io/vulnerability/CVE-2022-22282,Improper Access Control in SonicWall SMA1000 Series Firmware,"The SonicWall SMA1000 series firmware versions 12.4.0, 12.4.1-02965 and earlier suffer from an improper access control vulnerability. This issue arises when the firmware improperly restricts access, allowing unauthorized actors to gain access to sensitive resources through HTTP connections. This flaw can potentially lead to various security concerns if not addressed promptly.",Sonicwall,Sonicwall Sma1000,9.8,CRITICAL,0.002630000002682209,false,,false,false,false,,,false,false,,2022-05-13T19:40:18.000Z,0
CVE-2022-1702,https://securityvulnerability.io/vulnerability/CVE-2022-1702,Open Redirection Vulnerability in SonicWall SMA1000 Series Firmware,"The SonicWall SMA1000 series firmware versions 12.4.0 and 12.4.1-02965, along with earlier versions, are vulnerable to an open redirection attack. This flaw allows an attacker to manipulate user-controlled input to redirect users to unintended external sites, potentially leading to phishing schemes or other malicious activities. Proper security measures are crucial to mitigate such vulnerabilities and safeguard user data. For more details, visit the official SonicWall PSIRT page.",Sonicwall,Sonicwall Sma1000,6.1,MEDIUM,0.0007800000021234155,false,,false,false,false,,,false,false,,2022-05-13T19:40:15.000Z,0
CVE-2022-1701,https://securityvulnerability.io/vulnerability/CVE-2022-1701,Weak Encryption in SonicWall SMA1000 Series Firmware,"The SonicWall SMA1000 series firmware prior to version 12.4.1-02965 allows for inadequate protection of sensitive data due to the use of a shared and hard-coded encryption key. This vulnerability can potentially expose stored information, posing significant risks to data confidentiality and integrity. Users are encouraged to update their firmware to safeguard against this exposure.",Sonicwall,Sonicwall Sma1000,7.5,HIGH,0.001069999998435378,false,,false,false,false,,,false,false,,2022-05-13T19:40:14.000Z,0
CVE-2020-5132,https://securityvulnerability.io/vulnerability/CVE-2020-5132,,"SonicWall SSL-VPN products and SonicWall firewall SSL-VPN feature misconfiguration leads to possible DNS flaw known as domain name collision vulnerability. When the users publicly display their organization’s internal domain names in the SSL-VPN authentication page, an attacker with knowledge of internal domain names can potentially take advantage of this vulnerability.",Sonicwall,"Sma100,Sma1000,Sonicos",5.3,MEDIUM,0.0008399999933317304,false,,false,false,false,,,false,false,,2020-09-30T05:25:11.000Z,0
CVE-2020-5129,https://securityvulnerability.io/vulnerability/CVE-2020-5129,,A vulnerability in the SonicWall SMA1000 HTTP Extraweb server allows an unauthenticated remote attacker to cause HTTP server crash which leads to Denial of Service. This vulnerability affected SMA1000 Version 12.1.0-06411 and earlier.,Sonicwall,Sma1000,7.5,HIGH,0.0017900000093504786,false,,false,false,false,,,false,false,,2020-03-26T03:35:12.000Z,0