CVE-2025-2170 - AskarLabs CVE Database

CVE-2025-2170

Vendor Sonicwall

Product SMA1000

Weakness CWE-918 · SSRF

Published April 30, 2025

Last update May 14, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface, which in specific conditions could potentially enable a remote unauthenticated attacker to cause the appliance to make requests to an unintended location.

Key dates

02Disclosure timeline

April 30, 2025 CVE published

May 14, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-2170 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/918.html

Related vulnerabilities

04Related CVE

CVE-2022-2339 Server-Side Request Forgery (SSRF) in nocodb/nocodb CVE-2024-32965 ssrf vulnerability in lobe-chat CVE-2025-31796 WordPress ElementsCSS Addons for Elementor plugin <= 1.0.8.9 - Server Side Request Forgery (SSRF) vulnerability CVE-2025-46531 WordPress WP AVCL Automation Helper (formerly WPFlyLeads) plugin <= 3.4 - Server Side Request Forgery (SSRF) Vulnerability CVE-2025-69299 WordPress Oxygen theme <= 6.0.8 - Server Side Request Forgery (SSRF) vulnerability