Description:
SonicWall released a security advisory to address vulnerability in SonicWall SMA1000 Series products. An attacker could exploit this vulnerability by sending specially crafted requests to an affected system.
Affected Systems:
- SonicWall SMA1000 series prior to version 12.4.3-02963 (May-hotfix)
For detailed information of the affected systems, please refer to the corresponding security advisories at vendor's website.
Impact:
Successful exploitation of the vulnerability could lead to security restriction bypass on the affected system.
Recommendation:
Patches for affected systems are now available. Administrators of affected systems should follow the recommendations provided by the vendor and take immediate actions to mitigate the risk.
More Information:
- https://www.sonicwall.com/support/notices/product-notice-sma-1000-series-affected-by-encoded-url-ssrf-vulnerability/250513120756710
- https://www.hkcert.org/security-bulletin/sonicwall-products-security-restriction-bypass-vulnerability_20250516
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40595
