CVE Details

CVE-2026-15410 SonicWall SMA1000 Appliances Code Injection Vulnerability
Published: 2026-07-14 CVSS: 7.2 HIGH Product: SonicWall SMA1000 Appliances Due Date: 2026-07-17

SonicWall SMA1000 Appliances contain a code injection vulnerability which in specific conditions could potentially enable a remote authenticated attacker as administrator to execute arbitrary OS commands.

GitHub PoC

Warning: GitHub PoC repositories are unverified. Some may be fake or contain malware. Use caution and review code before running anything.

No GitHub PoC data.

FIRST EPSS

EPSS estimates the probability of exploitation in the next 30 days. Higher values indicate higher likelihood of real-world exploitation.

No EPSS data.

Timeline

CVE Stalker KEV MITRE GitHub FIRST (EPSS)

MITRE

CVSS

  • Score: 7.2
  • Severity: HIGH
  • Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

SSVC

  • Exploitation: active
  • Automatable: no
  • Technical Impact: total

References

Show Raw Data
Key Remaining Key Value
dataType CVE_RECORD
dataVersion 5.2
cveMetadata > cveId CVE-2026-15410
cveMetadata > assignerOrgId 44b2ff79-1416-4492-88bb-ed0da00c7315
cveMetadata > state PUBLISHED
cveMetadata > assignerShortName sonicwall
cveMetadata > dateReserved 2026-07-10T14:12:17.270Z
cveMetadata > datePublished 2026-07-14T19:43:03.226Z
cveMetadata > dateUpdated 2026-07-14T20:10:55.748Z
containers > cna > providerMetadata > orgId 44b2ff79-1416-4492-88bb-ed0da00c7315
containers > cna > providerMetadata > shortName sonicwall
containers > cna > providerMetadata > dateUpdated 2026-07-14T19:43:03.226Z
containers > cna > datePublic 2026-07-14T19:41:00.000Z
containers > cna > problemTypes > 0 > descriptions > 0 > lang en
containers > cna > problemTypes > 0 > descriptions > 0 > cweId CWE-94
containers > cna > problemTypes > 0 > descriptions > 0 > description CWE-94: Improper Control of Generation of Code ('Code Injection')
containers > cna > problemTypes > 0 > descriptions > 0 > type CWE
containers > cna > affected > 0 > vendor SonicWall
containers > cna > affected > 0 > product SMA1000
containers > cna > affected > 0 > platforms > 0 Linux
containers > cna > affected > 0 > versions > 0 > status affected
containers > cna > affected > 0 > versions > 0 > version 12.4.3-03245
containers > cna > affected > 0 > versions > 0 > lessThanOrEqual 12.4.3-03434
containers > cna > affected > 0 > versions > 0 > versionType custom
containers > cna > affected > 0 > versions > 1 > status affected
containers > cna > affected > 0 > versions > 1 > version 12.5.0-02283
containers > cna > affected > 0 > versions > 1 > lessThanOrEqual 12.5.0-02800
containers > cna > affected > 0 > versions > 1 > versionType custom
containers > cna > affected > 0 > defaultStatus unknown
containers > cna > descriptions > 0 > lang en
containers > cna > descriptions > 0 > value Post-authentication improper control of generation of code ('Code Injection') vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) which in specific conditions could potentially enable a remote authenticated attacker as administrator to execute arbitrary OS commands.
containers > cna > descriptions > 0 > supportingMedia > 0 > type text/html
containers > cna > descriptions > 0 > supportingMedia > 0 > base64 False
containers > cna > descriptions > 0 > supportingMedia > 0 > value Post-authentication improper control of generation of code ('Code Injection') vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) which in specific conditions could potentially enable a remote authenticated attacker as administrator to execute arbitrary OS commands.
containers > cna > references > 0 > url https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0008
containers > cna > references > 0 > tags > 0 vendor-advisory
containers > cna > credits > 0 > lang en
containers > cna > credits > 0 > value Adam Babis of SonicWall PSIRT
containers > cna > credits > 0 > type finder
containers > cna > source > advisory SNWLID-2026-0008
containers > cna > source > discovery INTERNAL
containers > cna > x_generator > engine Vulnogram 1.0.2
containers > adp > 0 > references > 0 > url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-15410
containers > adp > 0 > references > 0 > tags > 0 government-resource
containers > adp > 0 > metrics > 0 > cvssV3_1 > scope UNCHANGED
containers > adp > 0 > metrics > 0 > cvssV3_1 > version 3.1
containers > adp > 0 > metrics > 0 > cvssV3_1 > baseScore 7.2
containers > adp > 0 > metrics > 0 > cvssV3_1 > attackVector NETWORK
containers > adp > 0 > metrics > 0 > cvssV3_1 > baseSeverity HIGH
containers > adp > 0 > metrics > 0 > cvssV3_1 > vectorString CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
containers > adp > 0 > metrics > 0 > cvssV3_1 > integrityImpact HIGH
containers > adp > 0 > metrics > 0 > cvssV3_1 > userInteraction NONE
containers > adp > 0 > metrics > 0 > cvssV3_1 > attackComplexity LOW
containers > adp > 0 > metrics > 0 > cvssV3_1 > availabilityImpact HIGH
containers > adp > 0 > metrics > 0 > cvssV3_1 > privilegesRequired HIGH
containers > adp > 0 > metrics > 0 > cvssV3_1 > confidentialityImpact HIGH
containers > adp > 0 > metrics > 1 > other > type ssvc
containers > adp > 0 > metrics > 1 > other > content > timestamp 2026-07-14T20:10:49.243301Z
containers > adp > 0 > metrics > 1 > other > content > id CVE-2026-15410
containers > adp > 0 > metrics > 1 > other > content > options > 0 > Exploitation active
containers > adp > 0 > metrics > 1 > other > content > options > 1 > Automatable no
containers > adp > 0 > metrics > 1 > other > content > options > 2 > Technical Impact total
containers > adp > 0 > metrics > 1 > other > content > role CISA Coordinator
containers > adp > 0 > metrics > 1 > other > content > version 2.0.3
containers > adp > 0 > title CISA ADP Vulnrichment
containers > adp > 0 > providerMetadata > orgId 134c704f-9b21-4f2e-91b3-4a467353bcc0
containers > adp > 0 > providerMetadata > shortName CISA-ADP
containers > adp > 0 > providerMetadata > dateUpdated 2026-07-14T20:10:55.748Z