What the vulnerability does

01Description

A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges can inject a path traversal sequence to make any directory on the SMA appliance writable.

Key dates

02Disclosure timeline

May 7, 2025 CVE published
May 7, 2025 Record updated