SonicWall SMA100 SSLVPN Firmware Vulnerability Could Lead to Code Execution
CVE-2024-53703

Currently unrated

Key Information:

Vendor: Sonicwall
Status: Sma100
Vendor: CVE Published:; 5 December 2024

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2024-53703?

A vulnerability in the SonicWall SMA100 SSLVPN firmware 10.2.1.13-72sv and earlier versions mod_httprp library loaded by the Apache web server allows remote attackers to cause Stack-based buffer overflow and potentially lead to code execution.

Affected Version(s)

SMA100 Linux 10.2.1.13-72sv and earlier versions

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

cve-2024-53703-poc
Created by scrt

References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-202...

vendor-advisory

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Jun 4, 2025
👾
Exploit known to exist
Jun 4, 2025
Vulnerability published
Dec 5, 2024
Vulnerability Reserved
Nov 22, 2024

Credit

Alain Mowat of Orange Cyberdefense, Switzerland.

Sonicwall