SSRF Vulnerability in SMA1000 Appliance Firmware Could Lead to Unintended IP Address Requests

CVE-2024-45317

Currently unrated 🤨

Key Information

Vendor: Sonicwall
Status: Sma1000
Vendor: CVE Published:; 11 October 2024

Summary

A Server-Side Request Forgery (SSRF) vulnerability in SMA1000 appliance firmware versions 12.4.3-02676 and earlier allows a remote, unauthenticated attacker to cause the SMA1000 server-side application to make requests to an unintended IP address.

Affected Version(s)

SMA1000 = 12.4.3-02676 and earlier versions

Timeline

Vulnerability published.
Oct 11, 2024
Vulnerability Reserved.
Aug 26, 2024

Collectors

NVD DatabaseMitre Database

Credit

Wenjie Zhong (H4lo) of Webin DBappSecurity Co., Ltd.