Monday, May 12, 2025
HomeCVE/vulnerabilityMultiple SonicWall Vulnerabilities Let Attackers Execute Remote Code

Multiple SonicWall Vulnerabilities Let Attackers Execute Remote Code

Published on

SIEM as a Service

Follow Us on Google News

SonicWall has issued a critical alert regarding multiple vulnerabilities in its Secure Mobile Access (SMA) 100 series SSL-VPN appliances.

These vulnerabilities could allow attackers to execute remote code, bypass authentication, or compromise system integrity.

SonicWall urges users to take immediate action by updating their devices to the latest firmware to mitigate these risks.

- Advertisement - Google News

These issues affect SMA 200, 210, 400, 410, and 500v appliances running firmware version 10.2.1.13-72sv or earlier. Products from the SonicWall SSL VPN SMA1000 series are confirmed to be unaffected.

Free Webinar on Best Practices for API vulnerability & Penetration Testing:  Free Registration

Vulnerability List

  1. CVE-2024-38475: Path Traversal Vulnerability
    Originating from Apache HTTP Server’s mod_rewrite module, this vulnerability allows attackers to map URLs to sensitive filesystem locations, potentially exposing restricted files.
  2. CVE-2024-40763: Heap-Based Buffer Overflow
    A heap-based buffer overflow in SMA100 devices, caused by improper memory handling, can be exploited by attackers to execute malicious code or crash the system.
  3. CVE-2024-45318: Stack-Based Buffer Overflow
    A vulnerability in the SMA100 web management interface permits attackers to trigger a stack-based buffer overflow, potentially allowing the execution of arbitrary code on the device.
  4. CVE-2024-45319: Certificate-Based Authentication Bypass
    This flaw allows attackers to bypass the certificate requirement during authentication, granting unauthorized access to the system.
  5. CVE-2024-53702: Insecure Randomness
    The use of a weak pseudo-random number generator (PRNG) in the SMA100 backup code mechanism can enable attackers to predict the output, potentially exposing sensitive information.
  6. CVE-2024-53703: Stack-Based Buffer Overflow in Apache
    A stack-based buffer overflow in the mod_httprp library used by SMA100 devices running Apache allows attackers to execute arbitrary code remotely.

Affected Products

The vulnerabilities impact the SonicWall SMA 100 series (SMA 200, 210, 400, 410, 500v), specifically firmware version 10.2.1.13-72sv and earlier.

The following table provides a detailed summary of affected products and versions:

Product SeriesProduct ModelsAffected Firmware Version
SonicWall SMA 100SMA 200, SMA 21010.2.1.13-72sv and earlier
SMA 400, SMA 41010.2.1.13-72sv and earlier
SMA 500v10.2.1.13-72sv and earlier
SonicWall SMA 1000All modelsNot affected

SonicWall recommends all users immediately update to the latest firmware to address these issues.

SonicWall has stated there is currently no evidence of active exploitation in the wild, but given the severity of these vulnerabilities, organizations are urged to act without delay.

Analyse Real-World Malware & Phishing Attacks With ANY.RUN - Get up to 3 Free Licenses



Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

Lumma Stealer Upgraded with PowerShell Tools and Advanced Evasion Techniques

Sophos Managed Detection and Response (MDR) in September 2024, the notorious Lumma Stealer malware...

New Noodlophile Malware Spreads Through Fake AI Video Generation Platforms

Cybercriminals have unleashed a new malware campaign using fake AI video generation platforms as...

Kimsuky Hacker Group Deploys New Phishing Techniques and Malware Campaigns

The North Korean state-sponsored Advanced Persistent Threat (APT) group Kimsuky, also known as “Black...

APT37 Hackers Use Weaponized LNK Files and Dropbox for Command-and-Control Operations

The North Korean state-sponsored hacking group APT37, also known as ScarCruft, launched a spear...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Lumma Stealer Upgraded with PowerShell Tools and Advanced Evasion Techniques

Sophos Managed Detection and Response (MDR) in September 2024, the notorious Lumma Stealer malware...

New Noodlophile Malware Spreads Through Fake AI Video Generation Platforms

Cybercriminals have unleashed a new malware campaign using fake AI video generation platforms as...

Kimsuky Hacker Group Deploys New Phishing Techniques and Malware Campaigns

The North Korean state-sponsored Advanced Persistent Threat (APT) group Kimsuky, also known as “Black...