SonicWall SMA1000 Vulnerability Let Attackers To Exploit Encoded URLs To Gain Internal Systems Access Remotely - Cybernoz - Cybersecurity News

SonicWall SMA1000 Vulnerability Allow Attackers to Exploit Encoded URLs To Remotely Gain Internal Systems Access

SonicWall has issued a critical security advisory (SNWLID-2025-0010) for its SMA1000 Appliance Work Place interface, revealing a high-severity Server-Side Request Forgery (SSRF) vulnerability. The flaw, identified as CVE-2025-40595 with a CVSS v3 score of 7.2, enables unauthenticated attackers to exploit encoded URLs to send unauthorized requests to unintended destinations, potentially compromising internal networks and sensitive […] The post So…

SonicWall SMA1000 Vulnerability Let Attackers To Exploit Encoded URLs To Gain Internal Systems Access Remotely - Cybernoz - Cybersecurity News

SonicWall has issued a high-priority security advisory (SNWLID-2025-0010) revealing a critical Server-Side Request Forgery (SSRF) vulnerability in its SMA1000 Appliance Work Place interface. Tracked as CVE-2025-40595, the vulnerability carries a CVSS v3 score of 7.2, indicating a high-severity risk. Discovered by security researcher Ronan Kervella of Bishopfox, the flaw could enable remote, unauthenticated attackers to exploit encoded URLs to tr…

SonicWall Confirms Encoded URL Server-Side Request Forgery Vulnerability - Australian Cyber Security Magazine

SonicWall PSIRT has confirmed an Encoded URL Server-Side Request Forgery vulnerability affecting SMA 1000 appliances, including SMA 6210, SMA 7200, SMA 7210, SMA 8200v & Central Management Server (CMS). SonicWall [...]