PT-2026-58292 · Sonicwall · Sma1000
Adam Babis
·
Published
2026-07-14
·
Updated
2026-07-15
·
CVE-2026-15410
CVSS v3.1
7.2
High
| Vector | AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
SonicWall SMA1000 series appliances (affected versions not specified)
Description
A post-authentication improper control of code generation issue exists in the Appliance Management Console (AMC). This flaw allows a remote authenticated attacker with administrator privileges to execute arbitrary OS commands. Additionally, the system is susceptible to Server-Side Request Forgery (SSRF), a technique where an attacker induces the server to make requests to an unintended location.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Code Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sma1000