CVE-2025-32821 - AskarLabs CVE Database

CVE-2025-32821

Vendor Sonicwall

Product SMA100

Weakness CWE-78

Published May 7, 2025

Last update February 26, 2026

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN admin privileges can with admin privileges can inject shell command arguments to upload a file on the appliance.

Key dates

02Disclosure timeline

May 7, 2025 CVE published

February 26, 2026 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-32821

Related vulnerabilities

04Related CVE

CVE-2023-34281 D-Link DIR-2150 GetFirmwareStatus Target Command Injection Remote Code Execution Vulnerability CVE-2023-1997 OS Command Injection vulnerability affecting SIMULIA 3DOrchestrate from Release 3DEXPERIENCE R2021x through Release 3DEXPERIENCE R2023x CVE-2025-6541 OS command injection using information obtained from the web management interface CVE-2022-50596 D-Link DIR-1260 <= v1.20B05 GetDeviceSettings Unauthenticated Command Injection CVE-2023-30805 Sangfor Next-Gen Application Firewall Login Un Param Command Injection