SB2026071507 - Multiple vulnerabilities in SonicWall SMA1000 Series appliances
Published: July 15, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 2 vulnerabilities.
1) Server-Side Request Forgery (SSRF) (CVE-ID: CVE-2026-15409)
CWE-ID: CWE-918 - Server-Side Request Forgery (SSRF)
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:L/SI:L/SA:N/E:A/U:Red
The vulnerability allows a remote attacker to cause the appliance to make requests to unintended locations.
The vulnerability exists due to server-side request forgery in the SMA1000 Appliance Work Place interface when handling crafted requests. A remote attacker can send a specially crafted request to cause the appliance to make requests to unintended locations.
Active exploitation has been observed in the wild.
2) Code Injection (CVE-ID: CVE-2026-15410)
CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber
The vulnerability allows a remote user to execute arbitrary OS commands.
The vulnerability exists due to improper control of generation of code in the SMA1000 Appliance Management Console (AMC) when processing crafted input under specific conditions. A remote privileged user can submit crafted input to execute arbitrary OS commands.
The issue is post-authentication and requires administrator access. Active exploitation has been observed in the wild.
Remediation
Install update from vendor's website.