Most Exploited Internet-Facing Products

MEIFP

Back to Ranking

SonicWall

Products: Email Security · SMA 100 Series · SMA100 · SMA1000 · SonicOS

165.7

Score

7

CVEs

5

Active

2

PoC

5

KEV

#13

Rank

Period:

Product:

CVE ID	Published	CVSS	Exploit	KEV	AC	PR	Auto	Score(hover)	Affected Products	Description
CVE-2025-40602	2025-12-18	6.6v3.1	ACTIVE		High	High	no	20.0	SMA1000	A local privilege escalation vulnerability due to insufficient authorization in the SonicWall SMA1000 appliance management console (AMC).
CVE-2025-32819	2025-05-07	8.8v3.1	POC	—	Low	Low	no	0.0	SMA100	A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to factory default settings.
CVE-2025-23006	2025-01-23	9.8v3.1	ACTIVE		Low	None	YES	40.6	SMA1000	Pre-authentication deserialization of untrusted data vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC), which in specific conditions could potentially enable a remote unauthenticated attacker to execute arbitrary OS commands.
CVE-2024-53704	2025-01-09	8.2v3.1	ACTIVE		Low	None	YES	40.6	SonicOS	An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authentication.
CVE-2024-40766	2024-08-23	9.3v3.1	ACTIVE		Low	None	YES	40.6	SonicOS	An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devi
CVE-2024-22398	2024-03-14	4.9v3.1	POC	—	Low	High	no	0.0	Email Security	An improper Limitation of a Pathname to a Restricted Directory (Path Traversal) vulnerability in SonicWall Email Security Appliance could allow a remote attacker with administrative privileges to conduct a directory traversal attack and delete arbitrary files from the appliance file system.
CVE-2023-44221	2023-12-05	7.2v3.1	ACTIVE		Low	High	no	24.0	SMA100	Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative privilege to inject arbitrary commands as a 'nobody' user, potentially leading to OS Command Injection Vulnerability.

Each CVE: 10 pts base (Active only), boosted by:

KEV×2.0AC: Low×1.2PR: None×1.3PR: Low×1.1Auto×1.3