
SonicWall SMA1000 Vulnerability Allows Attackers to Exploit Encoded URLs to Remotely Gain Internal Systems Access

Posted: Sun May 18, 2025 7:53 am
by Shane1145
SonicWall has issued a critical security advisory (SNWLID-2025-0010) for its SMA1000 Appliance Work Place interface, revealing a high-severity Server-Side Request Forgery (SSRF) vulnerability.

The flaw, identified as CVE-2025-40595 with a CVSS v3 score of 7.2, enables unauthenticated attackers to exploit encoded URLs to send unauthorized requests to unintended destinations, potentially compromising internal networks and sensitive data.

https://gbhackers.com/sonicwall-sma1000 ... oded-urls/