Friday , May 23 2025
SMA1000

SonicWall Patched for SSRF Vulnerability in SMA1000 Appliances

SonicWall’s Product Security Incident Response Team (PSIRT) has released a critical update for its SMA1000 series appliances due to a Server-Side Request Forgery (SSRF) vulnerability, identified as CVE-2025-2170, with a CVSS base score of 7.2.

The flaw in the SMA1000 appliances’ WorkPlace interface allows unauthenticated remote attackers to send unauthorized outbound requests to any destination under specific conditions.

Exploitable Vulns in Canon Printers Allow Gaining Admin Privileges

A passback vulnerability has been found in some Canon printers, including production and multifunction models. If an attacker gains administrative...
Read More
Exploitable Vulns in Canon Printers Allow Gaining Admin Privileges

184 Million Leaked Credentials Discovered in Open Database

Security researchers have discovered a database with 184 million account credentials, highlighting the need to update compromised passwords, strengthen weak...
Read More
184 Million Leaked Credentials Discovered in Open Database

Palo Alto Networks Warns of XSS Flaw: PoC Released

Palo Alto Networks warns a reflected cross-site scripting (XSS) vulnerability, CVE-2025-0133, in the GlobalProtect gateway and portal features of its...
Read More
Palo Alto Networks Warns of XSS Flaw: PoC Released

Pwn2Own Berlin reveals 29 critical vulns in major tech firms

Pwn2Own Berlin 2025, a top cybersecurity contest, awarded $1,078,750 to researchers who discovered 29 zero-day vulnerabilities in various enterprise technologies....
Read More
Pwn2Own Berlin reveals 29 critical vulns in major tech firms

High-Severity Flaw Hits Atlassian Jira Data Center

A recently discovered vulnerability, CVE-2025-22157, threatens organizations using Atlassian’s Jira Core Data Center and Jira Service Management Data Center by...
Read More
High-Severity Flaw Hits Atlassian Jira Data Center

All major mobile networks go down across Spain

A nationwide phone network has gone down in Spain, shortly after blackouts caused chaos and significant financial losses. Emergency services...
Read More
All major mobile networks go down across Spain

Researchers found 200 billion files exposed in cloud buckets

Billions of files, including documents, source code, and backups, are leaking because of misconfigured cloud storage. Cyble, a cybersecurity company...
Read More
Researchers found 200 billion files exposed in cloud buckets

Bank server compromised using customer’s mobile, steal ₹11 crore

Cyber fraudsters hacked the Himachal Pradesh State Cooperative Bank's server using a customer's mobile phone. According to reports, the fraudsters...
Read More
Bank server compromised using customer’s mobile, steal ₹11 crore

“InfoSecCon-2025″ held successfully promising cyber resilience

"InfoSecCon-2025" was successfully held with tremendous audiences with various time demanding topics and keynotes at Dhaka on 16 May- 2025....
Read More
“InfoSecCon-2025″ held successfully promising cyber resilience

Intel PC, laptop and server processors affected for 6 years: Report

A new class of vulnerabilities in Intel processors, called Branch Predictor Race Conditions (BPRC), enables attackers to extract sensitive data...
Read More
Intel PC, laptop and server processors affected for 6 years: Report

“A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface, which in specific conditions could potentially enable a remote unauthenticated attacker to cause the appliance to make requests to an unintended location,” the advisory reads.

This vulnerability can be used to bypass access controls, scan internal networks, or extract data from restricted internal services.

Only the SonicWall SMA1000 series appliances are affected; SonicWall Firewalls and SMA 100 series are not impacted.

“SonicWall PSIRT strongly advises users of the SMA1000 product to upgrade to the latest hotfix release version to address the vulnerability,” the advisory warns.

The recommended patch can be found on MySonicWall, SonicWall’s customer portal.

Ransomware Attack On Biopharma : Hacker seeks $80k

Check Also

Pwn2Own Berlin

Pwn2Own Berlin reveals 29 critical vulns in major tech firms

Pwn2Own Berlin 2025, a top cybersecurity contest, awarded $1,078,750 to researchers who discovered 29 zero-day …

Leave a Reply

Your email address will not be published. Required fields are marked *