Sma 1000
This hub aggregates every CVE we track for Sma 1000, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.
11
CVEs tracked
2
Critical
6
High
2
In CISA KEV
Severity distribution
HIGH6MEDIUM3CRITICAL2
Monthly trend
0
0
0
0
0
0
1
0
0
0
1
0
0
0
0
0
0
1
0
0
0
4
0
0
2024-072026-06
Latest CVEs
The 11 most recently published vulnerabilities affecting Sma 1000.
- CVE-2026-4116Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN user to bypass Workplace/Connect Tunnel TOTP authentication.7.2
- CVE-2026-4114Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN admin to bypass AMC TOTP authentication.6.6
- CVE-2026-4113An observable response discrepancy vulnerability in the SonicWall SMA1000 series appliances allows a remote attacker to enumerate SSL VPN user credentials.7.2
- CVE-2026-4112Improper neutralization of special elements used in an SQL command (“SQL Injection”) in SonicWall SMA1000 series appliances allows a remote authenticated attacker with read-only administrator p...7.2
- CVE-2025-40602A local privilege escalation vulnerability due to insufficient authorization in the SonicWall SMA1000 appliance management console (AMC).KEV6.6
- CVE-2025-40595A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface. By using an encoded URL, a remote unauthenticated attacker could potentially ca...7.2
- CVE-2025-23006Pre-authentication deserialization of untrusted data vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC), which in specific cond...KEV9.8
- CVE-2023-0126Pre-authentication path traversal vulnerability in SMA1000 firmware version 12.4.2, which allows an unauthenticated attacker to access arbitrary files and directories stored outside the web root di...7.5
- CVE-2022-22282SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions incorrectly restricts access to a resource using HTTP connections from an unauthorized actor leading to Improper Access C...9.8
- CVE-2022-1702SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions accept a user-controlled input that specifies a link to an external site and uses that link in a redirect which leads to ...6.1
- CVE-2022-1701SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions uses a shared and hard-coded encryption key to store data.7.5
Product normalization is registry-driven with AI assist and human review. How it works