CVE-2023-44221CISA KEV: Actively Exploited

SonicWall SMA100 Appliances OS Command Injection Vulnerability

Published May 1, 2025·Updated May 1, 2025

Description

SonicWall SMA100 appliances contain an OS command injection vulnerability in the SSL-VPN management interface that allows a remote, authenticated attacker with administrative privilege to inject arbitrary commands as a 'nobody' user.

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free