An improper access control vulnerability in SMA100 allows a remote unauthenticated attacker to bypass the path traversal checks and delete an arbitrary file, potentially resulting in a reboot to factory default settings.
Product: sma_500v
Vendor: sonicwall
Actively Exploited (CISA KEV List): 6
PoC / Exploits (Code Available): 4
Total RCEs (Remote Access): 10
Total CVEs (Total Indexed): 41
Avg. EPSS (Exploit Prob.): 17.15%
Security Vulnerability Index
CVSS: 9.1
CVE-2021-20034
Exploit Found
Severity: CRITICAL
CVSS: 9.8
Improper neutralization of a SQL command leading to a SQL injection vulnerability impacting end-of-life Secure Remote Access (SRA) products, specifically the SRA appliances running all 8.x firmware and 9.0.0.9-26sv or earlier.
Severity: CRITICAL
CVSS: 9.8
A SQL injection vulnerability in the SonicWall SSLVPN SMA100 product allows a remote unauthenticated attacker to perform a SQL query to access username, password and other session-related information. This vulnerability impacts SMA100 build version 10.x.
Severity: CRITICAL