CVE Details

CVE-2026-15409 SonicWall SMA1000 Appliances Server-Side Request Forgery Vulnerability
Published: 2026-07-14 CVSS: 10 CRITICAL Product: SonicWall SMA1000 Appliances Due Date: 2026-07-17

SonicWall SMA1000 Appliances contain a server-side request forgery vulnerability that could allow a remote unauthenticated attacker to potentially cause the appliance to make requests to unintended location.

GitHub PoC

Warning: GitHub PoC repositories are unverified. Some may be fake or contain malware. Use caution and review code before running anything.

No GitHub PoC data.

FIRST EPSS

EPSS estimates the probability of exploitation in the next 30 days. Higher values indicate higher likelihood of real-world exploitation.

No EPSS data.

Timeline

CVE Stalker KEV MITRE GitHub FIRST (EPSS)

MITRE

CVSS

  • Score: 10
  • Severity: CRITICAL
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

SSVC

  • Exploitation: active
  • Automatable: yes
  • Technical Impact: total

References

Show Raw Data
Key Remaining Key Value
dataType CVE_RECORD
dataVersion 5.2
cveMetadata > cveId CVE-2026-15409
cveMetadata > assignerOrgId 44b2ff79-1416-4492-88bb-ed0da00c7315
cveMetadata > state PUBLISHED
cveMetadata > assignerShortName sonicwall
cveMetadata > dateReserved 2026-07-10T14:12:14.377Z
cveMetadata > datePublished 2026-07-14T19:39:34.808Z
cveMetadata > dateUpdated 2026-07-14T20:10:03.609Z
containers > cna > providerMetadata > orgId 44b2ff79-1416-4492-88bb-ed0da00c7315
containers > cna > providerMetadata > shortName sonicwall
containers > cna > providerMetadata > dateUpdated 2026-07-14T19:43:54.725Z
containers > cna > datePublic 2026-07-14T19:40:00.000Z
containers > cna > problemTypes > 0 > descriptions > 0 > lang en
containers > cna > problemTypes > 0 > descriptions > 0 > cweId CWE-918
containers > cna > problemTypes > 0 > descriptions > 0 > description CWE-918: Server-Side Request Forgery (SSRF)
containers > cna > problemTypes > 0 > descriptions > 0 > type CWE
containers > cna > affected > 0 > vendor SonicWall
containers > cna > affected > 0 > product SMA1000
containers > cna > affected > 0 > platforms > 0 Linux
containers > cna > affected > 0 > versions > 0 > status affected
containers > cna > affected > 0 > versions > 0 > version 12.4.3-03245
containers > cna > affected > 0 > versions > 0 > lessThanOrEqual 12.4.3-03434
containers > cna > affected > 0 > versions > 0 > versionType custom
containers > cna > affected > 0 > versions > 1 > status affected
containers > cna > affected > 0 > versions > 1 > version 12.5.0-02283
containers > cna > affected > 0 > versions > 1 > lessThanOrEqual 12.5.0-02800
containers > cna > affected > 0 > versions > 1 > versionType custom
containers > cna > affected > 0 > defaultStatus unknown
containers > cna > descriptions > 0 > lang en
containers > cna > descriptions > 0 > value A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface. A remote unauthenticated attacker could potentially cause the appliance to make requests to unintended location.
containers > cna > descriptions > 0 > supportingMedia > 0 > type text/html
containers > cna > descriptions > 0 > supportingMedia > 0 > base64 False
containers > cna > descriptions > 0 > supportingMedia > 0 > value A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface. A remote unauthenticated attacker could potentially cause the appliance to make requests to unintended location.
containers > cna > references > 0 > url https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0008
containers > cna > references > 0 > tags > 0 vendor-advisory
containers > cna > credits > 0 > lang en
containers > cna > credits > 0 > value Adam Babis of SonicWall PSIRT
containers > cna > credits > 0 > type finder
containers > cna > source > advisory SNWLID-2026-0008
containers > cna > source > discovery INTERNAL
containers > cna > x_generator > engine Vulnogram 1.0.2
containers > adp > 0 > references > 0 > url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-15409
containers > adp > 0 > references > 0 > tags > 0 government-resource
containers > adp > 0 > metrics > 0 > cvssV3_1 > scope CHANGED
containers > adp > 0 > metrics > 0 > cvssV3_1 > version 3.1
containers > adp > 0 > metrics > 0 > cvssV3_1 > baseScore 10
containers > adp > 0 > metrics > 0 > cvssV3_1 > attackVector NETWORK
containers > adp > 0 > metrics > 0 > cvssV3_1 > baseSeverity CRITICAL
containers > adp > 0 > metrics > 0 > cvssV3_1 > vectorString CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
containers > adp > 0 > metrics > 0 > cvssV3_1 > integrityImpact HIGH
containers > adp > 0 > metrics > 0 > cvssV3_1 > userInteraction NONE
containers > adp > 0 > metrics > 0 > cvssV3_1 > attackComplexity LOW
containers > adp > 0 > metrics > 0 > cvssV3_1 > availabilityImpact HIGH
containers > adp > 0 > metrics > 0 > cvssV3_1 > privilegesRequired NONE
containers > adp > 0 > metrics > 0 > cvssV3_1 > confidentialityImpact HIGH
containers > adp > 0 > metrics > 1 > other > type ssvc
containers > adp > 0 > metrics > 1 > other > content > timestamp 2026-07-14T20:09:59.971667Z
containers > adp > 0 > metrics > 1 > other > content > id CVE-2026-15409
containers > adp > 0 > metrics > 1 > other > content > options > 0 > Exploitation active
containers > adp > 0 > metrics > 1 > other > content > options > 1 > Automatable yes
containers > adp > 0 > metrics > 1 > other > content > options > 2 > Technical Impact total
containers > adp > 0 > metrics > 1 > other > content > role CISA Coordinator
containers > adp > 0 > metrics > 1 > other > content > version 2.0.3
containers > adp > 0 > title CISA ADP Vulnrichment
containers > adp > 0 > providerMetadata > orgId 134c704f-9b21-4f2e-91b3-4a467353bcc0
containers > adp > 0 > providerMetadata > shortName CISA-ADP
containers > adp > 0 > providerMetadata > dateUpdated 2026-07-14T20:10:03.609Z