CVE-2026-15409
CVSS Score
10.0
EPSS Score
1.4%
EPSS Percentile
69th
A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface. A remote unauthenticated attacker could potentially cause the appliance to make requests to unintended location.
| CWE | CWE-918 |
| Vendor | sonicwall |
| Product | sma1000 |
| Published | Jul 14, 2026 |
| Last Updated | Jul 16, 2026 |
โ ๏ธ Actively Exploited โ Act Now
Get instant alerts for sonicwall sma1000
This vulnerability is actively exploited in the wild. Set up free real-time alerts so you're first to know about threats like CVE-2026-15409.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
SonicWall / SMA1000
12.4.3-03245 โค 12.4.3-03434 12.5.0-02283 โค 12.5.0-02800
References
Credits
Adam Babis of SonicWall PSIRT