SonicWall SMA100 Path Traversal Vulnerability Allowing Directory Write Access

Vulnerability

A path traversal vulnerability has been identified in SonicWall SMA100 series appliances, specifically in versions through 10.2.1.14-75sv. This vulnerability allows remote authenticated attackers with SSLVPN user privileges to inject path traversal sequences, making any directory on the appliance writable. The issue arises from improper validation of file paths, which lets attackers manipulate directory access and potentially make unauthorized file modifications.

Impact

Exploitation of this vulnerability could lead to unauthorized write access in any directory on the affected SMA appliance, allowing for potential manipulation or replacement of files.

Remediation

Users are advised to upgrade to SonicWall SMA100 series version 10.2.1.15-81sv or higher. After updating, verify that no unauthorized logins have occurred. As an additional security measure, enable multifactor authentication and activate the Web Application Firewall (WAF) on SMA100.
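
To triage a fleet against the two version boundaries named above, the following sketch classifies firmware strings from an inventory. It is an added example, not SonicWall tooling; it assumes version strings follow the format of the two versions quoted in this advisory and that they order field by field, and the hostnames and sample builds are constructed.

```python
import re

# Boundaries taken from the advisory text.
LAST_AFFECTED = "10.2.1.14-75sv"
FIRST_FIXED = "10.2.1.15-81sv"

# Assumed format: four dotted integers, a hyphen, a build number, "sv".
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)\.(\d+)-(\d+)sv$")


def parse_version(text):
    """Return a tuple of ints usable for ordering, or None if unparseable."""
    match = _VERSION_RE.match(text.strip())
    return tuple(int(part) for part in match.groups()) if match else None


def classify(version_text):
    """Classify one firmware string against the advisory's boundaries."""
    version = parse_version(version_text)
    if version is None:
        return "unparsed"  # do not guess; check the appliance by hand
    if version <= parse_version(LAST_AFFECTED):
        return "affected"
    if version >= parse_version(FIRST_FIXED):
        return "fixed"
    # Builds between the two boundaries are not covered by the advisory.
    return "unknown"


def triage(inventory):
    """Return (host, version, status) rows, listing affected hosts first."""
    order = {"affected": 0, "unparsed": 1, "unknown": 2, "fixed": 3}
    rows = [(host, ver, classify(ver)) for host, ver in inventory.items()]
    return sorted(rows, key=lambda row: (order[row[2]], row[0]))


# Constructed sample inventory (hostnames and builds are illustrative).
SAMPLE_INVENTORY = {
    "sma-edge-01": "10.2.1.14-75sv",
    "sma-edge-02": "10.2.1.15-81sv",
    "sma-lab-01": "10.2.1.9-57sv",
    "sma-lab-02": "10.2.1.15-80sv",
    "sma-dr-01": "10.2.2.0-3sv",
    "sma-old-01": "unknown build",
}

if __name__ == "__main__":
    for host, ver, status in triage(SAMPLE_INVENTORY):
        print(f"{status:9} {host:12} {ver}")
```

Hosts reported as "unknown" or "unparsed" fall outside what the advisory states and need a manual check against the vendor's release notes.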

Added: Sep 1, 2025, 7:22 PM
Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm
spread: 5.2
impact: 3.1
exploitability: 5.4
remediation: 7.9
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.