Home

Description

A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to factory default settings.

PUBLISHED Reserved 2025-04-11 | Published 2025-05-07 | Updated 2025-07-19 | Assigner sonicwall

Problem types

CWE-552 Files or Directories Accessible to External Parties

Product status

Default status
unknown

10.2.1.14-75sv and earlier versions
affected

References

old.rapid7.com/...bilities-in-sonicwall-sma-100-series-2025/

psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0011 vendor-advisory

cve.org (CVE-2025-32819)

nvd.nist.gov (CVE-2025-32819)

Download JSON