CVE-2025-32821 | THREATINT

Description

A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN admin privileges can with admin privileges can inject shell command arguments to upload a file on the appliance.

PUBLISHED Reserved 2025-04-11 | Published 2025-05-07 | Updated 2025-05-08 | Assigner sonicwall

Problem types

CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Product status

Default status

unknown

10.2.1.14-75sv and earlier versions

affected

References

psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0011 vendor-advisory

cve.org (CVE-2025-32821)

nvd.nist.gov (CVE-2025-32821)

Download JSON