SonicWall SMA 100 Firmware 10.2.1.2-24sv

CPE Details

SonicWall SMA 100 Firmware 10.2.1.2-24sv
sonicwall
sma_100_firmware
10.2.1.2-24sv
2022-01-03
16h39 +00:00
2022-01-03
16h42 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:o:sonicwall:sma_100_firmware:10.2.1.2-24sv:*:*:*:*:*:*:*

Informations

Vendor

sonicwall

Product

sma_100_firmware

Version

10.2.1.2-24sv

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2025-32821 2025-05-07 17h22 +00:00 A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN admin privileges can with admin privileges can inject shell command arguments to upload a file on the appliance.
7.2
High
CVE-2025-32820 2025-05-07 17h20 +00:00 A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges can inject a path traversal sequence to make any directory on the SMA appliance writable.
8.8
High
CVE-2025-32819 2025-05-07 17h18 +00:00 A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to factory default settings.
8.8
High
CVE-2021-20050 2021-12-23 00h20 +00:00 An Improper Access Control Vulnerability in the SMA100 series leads to multiple restricted management APIs being accessible without a user login, potentially exposing configuration meta-data.
7.5
High
CVE-2021-20049 2021-12-23 00h20 +00:00 A vulnerability in SonicWall SMA100 password change API allows a remote unauthenticated attacker to perform SMA100 username enumeration based on the server responses. This vulnerability impacts 10.2.1.2-24sv, 10.2.0.8-37sv and earlier 10.x versions.
7.5
High
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.