SonicWall’s Product Security Incident Response Team (PSIRT) has released a critical update for its SMA1000 series appliances due to a Server-Side Request Forgery (SSRF) vulnerability, identified as CVE-2025-2170, with a CVSS base score of 7.2.
The flaw in the SMA1000 appliances’ WorkPlace interface allows unauthenticated remote attackers to send unauthorized outbound requests to any destination under specific conditions.
By infosecbulletin
/ Friday , May 23 2025
A passback vulnerability has been found in some Canon printers, including production and multifunction models. If an attacker gains administrative...
Read More
By infosecbulletin
/ Friday , May 23 2025
Security researchers have discovered a database with 184 million account credentials, highlighting the need to update compromised passwords, strengthen weak...
Read More
By infosecbulletin
/ Wednesday , May 21 2025
Palo Alto Networks warns a reflected cross-site scripting (XSS) vulnerability, CVE-2025-0133, in the GlobalProtect gateway and portal features of its...
Read More
By infosecbulletin
/ Wednesday , May 21 2025
Pwn2Own Berlin 2025, a top cybersecurity contest, awarded $1,078,750 to researchers who discovered 29 zero-day vulnerabilities in various enterprise technologies....
Read More
By infosecbulletin
/ Wednesday , May 21 2025
A recently discovered vulnerability, CVE-2025-22157, threatens organizations using Atlassian’s Jira Core Data Center and Jira Service Management Data Center by...
Read More
By infosecbulletin
/ Tuesday , May 20 2025
A nationwide phone network has gone down in Spain, shortly after blackouts caused chaos and significant financial losses. Emergency services...
Read More
By infosecbulletin
/ Monday , May 19 2025
Billions of files, including documents, source code, and backups, are leaking because of misconfigured cloud storage. Cyble, a cybersecurity company...
Read More
By infosecbulletin
/ Sunday , May 18 2025
Cyber fraudsters hacked the Himachal Pradesh State Cooperative Bank's server using a customer's mobile phone. According to reports, the fraudsters...
Read More
By infosecbulletin
/ Sunday , May 18 2025
"InfoSecCon-2025" was successfully held with tremendous audiences with various time demanding topics and keynotes at Dhaka on 16 May- 2025....
Read More
By infosecbulletin
/ Saturday , May 17 2025
A new class of vulnerabilities in Intel processors, called Branch Predictor Race Conditions (BPRC), enables attackers to extract sensitive data...
Read More
“A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface, which in specific conditions could potentially enable a remote unauthenticated attacker to cause the appliance to make requests to an unintended location,” the advisory reads.
This vulnerability can be used to bypass access controls, scan internal networks, or extract data from restricted internal services.
Only the SonicWall SMA1000 series appliances are affected; SonicWall Firewalls and SMA 100 series are not impacted.
“SonicWall PSIRT strongly advises users of the SMA1000 product to upgrade to the latest hotfix release version to address the vulnerability,” the advisory warns.
The recommended patch can be found on MySonicWall, SonicWall’s customer portal.
Ransomware Attack On Biopharma : Hacker seeks $80k