CVE-2026-15410
CVSS Score
7.2
EPSS Score
1.6%
EPSS Percentile
74th
Post-authentication improper control of generation of code ('Code Injection') vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) which in specific conditions could potentially enable a remote authenticated attacker as administrator to execute arbitrary OS commands.
| CWE | CWE-94 |
| Vendor | sonicwall |
| Product | sma1000 |
| Published | Jul 14, 2026 |
| Last Updated | Jul 16, 2026 |
โ ๏ธ Actively Exploited โ Act Now
Get instant alerts for sonicwall sma1000
This vulnerability is actively exploited in the wild. Set up free real-time alerts so you're first to know about threats like CVE-2026-15410.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
SonicWall / SMA1000
12.4.3-03245 โค 12.4.3-03434 12.5.0-02283 โค 12.5.0-02800
References
Credits
Adam Babis of SonicWall PSIRT