importantSYS.SOURCE: The Hacker News• 2026-07-15T11:00:21+05:30
SonicWall SMA 1000 Zero-Day Vulnerabilities Actively Exploited, Enabling Admin Command Execution
SonicWall has confirmed active exploitation of two zero-day vulnerabilities in the SMA 1000 series, with one allowing remote attackers to execute arbitrary commands as administrators. Patches are available, and organizations are urged to apply fixes immediately to mitigate risks.
SonicWall has warned of active exploitation of two zero-day vulnerabilities impacting Secure Mobile Access (SMA) 1000 series appliances, one of which could be exploited to achieve arbitrary command execution.
The vulnerabilities are listed below -
CVE-2026-15409 (CVSS score: 10.0) - A Server-side request forgery (SSRF) vulnerability that a remote unauthenticated attacker could exploit to
*** END OF TRANSMISSION ***