PT-2022-2957 · Sonicwall · Sonicwall Sma1000

Published: 2022-05-12 · Updated: 2022-10-14 · CVE-2022-1702

CVSS v2.0: 6.4 (Medium)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions

SonicWall SMA1000 series firmware versions 12.4.0, 12.4.1-02965 and earlier

Description

The issue is related to open redirection, where a user-controlled input specifies a link to an external site, and this link is used in a redirect. This could allow a remote attacker to redirect a user to an arbitrary URL using a specially crafted link. The estimated number of potentially affected devices and details about real-world incidents are not provided.

Recommendations

For SonicWall SMA1000 series firmware versions 12.4.0, 12.4.1-02965 and earlier, consider disabling the redirect functionality until a patch is available. Restrict access to external links to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Open Redirect

Weakness Enumeration

Related Identifiers

BDU:2022-03567
CVE-2022-1702

Affected Products

Sonicwall Sma1000