CVE-2023-44221

⚠ KEVEPSS 22.6%

SonicWall SMA100 Appliances OS Command Injection Vulnerability

Added to CISA KEV: 5/1/2025

Description

SonicWall SMA100 appliances contain an OS command injection vulnerability in the SSL-VPN management interface that allows a remote, authenticated attacker with administrative privilege to inject arbitrary commands as a 'nobody' user.

Affected packages (0)

No package mapping in OSV.