CVE-2025-2170 | THREATINT

Description

A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface, which in specific conditions could potentially enable a remote unauthenticated attacker to cause the appliance to make requests to an unintended location.

PUBLISHED Reserved 2025-03-10 | Published 2025-04-30 | Updated 2025-05-14 | Assigner sonicwall

Problem types

CWE-918 Server-Side Request Forgery (SSRF)

Product status

Default status

unknown

12.4.3-02907 (platform-hotfix) and earlier versions

affected

References

psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0008

psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0008 vendor-advisory

cve.org (CVE-2025-2170)

nvd.nist.gov (CVE-2025-2170)

Download JSON