CVE-2025-40595 | SonicWall SMA1000 up to 12.4.3-02925 Appliance Work Place Interface server-side request forgery (SNWLID-2025-0010)

Inserito da Angelo Barbosa | Mag 14, 2025 | CVE

A vulnerability has been found in SonicWall SMA1000 up to 12.4.3-02925 and classified as critical. This vulnerability affects unknown code of the component Appliance Work Place Interface. The manipulation leads to server-side request forgery.

This vulnerability was named CVE-2025-40595. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-40595 | SonicWall SMA1000 up to 12.4.3-02925 Appliance Work Place Interface server-side request forgery (SNWLID-2025-0010)

Post correlati

CVE-2024-10749 | ThinkAdmin up to 6.1.67 Plugs.php script uptoken deserialization

CVE-2024-20360 | Cisco FirePOWER Management Center up to 7.3.1.2 sql injection (cisco-sa-fmc-sqli-WFFDnNOs)

CVE-2024-29419 | Totolink X2000R prior 1.0.0-B20231213.1013 Easy Setup Page cross site scripting

CVE-2024-1043 | AMP for WP Plugin up to 1.0.93.1 on WordPress amppb_remove_saved_layout_data access control