CVE-2026-4112
CVSS Score
0.0
EPSS Score
0.1%
EPSS Percentile
17th
Improper neutralization of special elements used in an SQL command (“SQL Injection”) in SonicWall SMA1000 series appliances allows a remote authenticated attacker with read-only administrator privileges to escalate privileges to primary administrator.
| CWE | CWE-89 |
| Vendor | sonicwall |
| Product | sma1000 |
| Published | Apr 9, 2026 |
| Last Updated | Apr 13, 2026 |
Stay Ahead of the Next One
Get instant alerts for sonicwall sma1000
Be the first to know when new unknown vulnerabilities affecting sonicwall sma1000 are published — delivered to Slack, Telegram or Discord.
Get Free Alerts →
Free · No credit card · 60 sec setup
Affected Versions
SonicWall / SMA1000
12.4.3-03245 (platform-hotfix) and earlier versions. 12.5.0-02283 (platform-hotfix) and earlier versions.