Home

Description

A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges can inject a path traversal sequence to make any directory on the SMA appliance writable.

PUBLISHED Reserved 2025-04-11 | Published 2025-05-07 | Updated 2025-05-07 | Assigner sonicwall

Problem types

CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Product status

Default status
unknown

10.2.1.14-75sv and earlier versions
affected

References

psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0011 vendor-advisory

cve.org (CVE-2025-32820)

nvd.nist.gov (CVE-2025-32820)

Download JSON