PT-2026-58292 · Sonicwall · Sma1000

Adam Babis

·

Published

2026-07-14

·

Updated

2026-07-15

·

CVE-2026-15410

CVSS v3.1

7.2

High

VectorAV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions SonicWall SMA1000 series appliances (affected versions not specified)
Description A post-authentication improper control of code generation issue exists in the Appliance Management Console (AMC). This flaw allows a remote authenticated attacker with administrator privileges to execute arbitrary OS commands. Additionally, the system is susceptible to Server-Side Request Forgery (SSRF), a technique where an attacker induces the server to make requests to an unintended location.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-15410

Affected Products

Sma1000