Code Injection in SonicWall SMA 1000 - CVE-2026-15410

 

Code Injection in SonicWall SMA 1000 - CVE-2026-15410

Published: July 15, 2026


Vulnerability identifier: #VU137579
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber
CVE-ID: CVE-2026-15410
CWE-ID: CWE-94
Exploitation vector: Remote access
Exploit availability: The vulnerability is being exploited in the wild
Vendor: SonicWall
Affected software:
SonicWall SMA 1000

Detailed vulnerability description

The vulnerability allows a remote user to execute arbitrary OS commands.

The vulnerability exists due to improper control of generation of code in the SMA1000 Appliance Management Console (AMC) when processing crafted input under specific conditions. A remote privileged user can submit crafted input to execute arbitrary OS commands.

The issue is post-authentication and requires administrator access. Active exploitation has been observed in the wild.


How to mitigate CVE-2026-15410

Install security update from vendor's website.

Sources