Arbitrary File Upload Vulnerability in SonicWall SMA 100 Series
CVE-2025-40599
Key Information:
- Vendor: SonicWall
- CVE Published: 23 July 2025
What is CVE-2025-40599?
An arbitrary file upload vulnerability exists in the web management interface of the SonicWall SMA 100 series. The flaw allows a remote attacker with administrative privileges to upload arbitrary files, potentially leading to remote code execution. Organizations using the SMA 100 Series are advised to evaluate their security posture and take the necessary measures to mitigate this risk.
Affected Version(s)
SMA 100 Series Linux 10.2.1.15-81sv and earlier versions
News Articles
Akira Ransomware Exploits SonicWall SMA100 Vulnerabilities: What You Need to Know | Bitsight
New SonicWall SMA100 vulnerabilities (CVE-2025-40596 to CVE-2025-40599) could enable remote code execution—even on patched devices. While Akira ransomware activ
1 month ago
SonicWall firewalls targeted in ransomware attacks, possibly via zero-day - Help Net Security
Attackers using the Akira ransomware and possibly a zero-day exploit have been targeting SonicWall firewalls since July 15, 2025.
1 month ago
Sonicwall fixes critical flaw in SMA appliances, urges customers to check for compromise (CVE-2025-40599) - Help Net Security
Sonicwall is asking customers SMA 100 Series devices to patch a newly uncovered vulnerability (CVE-2025-40599) as soon as possible.
Timeline
- 💰 Used in Ransomware
- 👾 Exploit known to exist
- 📰 First article discovered by Help Net Security
- Vulnerability published
- Vulnerability Reserved