CyberSecurity News
SonicWall Issues Urgent SMA Patch Warning for Two Zero-Day Exploits
AI summary
SonicWall has issued a warning about two zero-day exploits in its SMA1000 product. These vulnerabilities can be exploited to achieve remote code execution. The vulnerabilities are identified as CVE-2026-15409 and CVE-2026-15410. SonicWall has urged users to patch these issues due to their severity.
Vulnerabilities mentioned
A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface. A remote unauthenticated attacker could potentially cause the appliance to make requests to unintended location.
Post-authentication improper control of generation of code ('Code Injection') vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) which in specific conditions could potentially enable a remote authenticated attacker as administrator to execute arbitrary OS commands.
This is an AI-generated brief aggregated by HackerFeeds for convenience and grounded in the source’s own summary; the related CVE, threat-group and country data is from HackerFeeds’ own indexes. The original article is the authoritative source — all rights belong to SecurityWeek.

