
SonicWall’s Product Security Incident Response Team (PSIRT) has published an advisory and a hotfix for its SMA1000 series appliances following the discovery of a Server-Side Request Forgery (SSRF) vulnerability, tracked as CVE-2025-2170 and assigned a CVSS base score of 7.2.
The flaw resides in the WorkPlace interface of SMA1000 appliances. Under specific conditions, a remote attacker who does not need to authenticate could cause the appliance itself to issue requests to a destination it was never meant to contact.
“A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface, which in specific conditions could potentially enable a remote unauthenticated attacker to cause the appliance to make requests to an unintended location,” the advisory states.
In general, this class of flaw lets an attacker use the vulnerable host as a proxy that sits inside the trust boundary: bypassing access controls that trust the appliance’s source address, probing internal networks, or reading data from internal services that are not reachable from the internet. The advisory text quoted above does not specify how much of the forged request an attacker can control.
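To make the SSRF pattern concrete, the following is an added example written for this article, not SonicWall’s code and not derived from the SMA1000 firmware. It contrasts the vulnerable pattern (dialing whatever host the client supplied) with a destination check a server-side fetch should perform before connecting: an allowlist of schemes and hosts, rejection of URL userinfo and literal IP addresses, and a resolver step that refuses names resolving to private, loopback, link-local or other non-public ranges. The host name `portal.example.com`, the canned DNS answers and the sample URLs are assumptions constructed for the example.

```python
"""SSRF destination check: allowlist plus non-public address rejection.

Added example, not code from the SonicWall advisory or product.
"""
import ipaddress
import socket
from urllib.parse import urlsplit

# Assumptions for this example: the application only ever needs to reach
# one upstream host over HTTPS. Real deployments load this from config.
ALLOWED_SCHEMES = {"https"}
ALLOWED_HOSTS = {"portal.example.com"}


def is_public_address(ip: str) -> bool:
    """True only for globally routable unicast addresses.

    ipaddress treats RFC 1918, loopback, link-local (including the
    169.254.169.254 cloud metadata address), multicast, reserved and
    documentation ranges as non-public, which is exactly what an SSRF
    filter wants to refuse.
    """
    addr = ipaddress.ip_address(ip)
    return not (
        addr.is_private
        or addr.is_loopback
        or addr.is_link_local
        or addr.is_multicast
        or addr.is_reserved
        or addr.is_unspecified
    )


def system_resolver(host: str) -> list[str]:
    """Real DNS lookup; callers can substitute a canned resolver for tests."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


def unchecked_target(url: str) -> str:
    """The SSRF-prone pattern: the server dials whatever host the client sent.

    An attacker-supplied URL such as https://portal.example.com@10.0.0.5/
    makes this connect to 10.0.0.5 while looking like the legitimate host.
    """
    return urlsplit(url).hostname or ""


def check_outbound_target(url: str, resolver=system_resolver):
    """Vet an outbound URL. Returns (allowed, reason, resolved_ips).

    The caller should connect to one of the returned IPs (setting the Host
    header to the allowlisted name) rather than re-resolving, so that a
    DNS answer cannot change between this check and the connection.
    """
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        return False, f"scheme {parts.scheme!r} not allowed", []
    if parts.username is not None or parts.password is not None:
        return False, "userinfo in URL is not allowed", []
    host = parts.hostname
    if not host:
        return False, "no host in URL", []
    try:
        ipaddress.ip_address(host)
        return False, "literal IP addresses are not allowed", []
    except ValueError:
        pass  # not an IP literal, continue with name checks
    if host.lower().rstrip(".") not in ALLOWED_HOSTS:
        return False, f"host {host!r} not in allowlist", []
    try:
        ips = resolver(host)
    except OSError as exc:
        return False, f"resolution failed: {exc}", []
    if not ips or not all(is_public_address(ip) for ip in ips):
        return False, f"{host!r} resolves to a non-public address", ips
    return True, "ok", ips


if __name__ == "__main__":
    # Constructed DNS answers so the demo runs offline.
    canned = {"portal.example.com": ["8.8.8.8"]}.__getitem__
    for sample in (
        "https://portal.example.com/api/status",
        "http://portal.example.com/",
        "https://169.254.169.254/latest/meta-data/",
        "https://portal.example.com@10.0.0.5/",
    ):
        print(sample, "->", check_outbound_target(sample, canned)[:2])
```

The last check matters most in practice: an allowlisted name that resolves to an internal address (through a compromised or rebinding DNS zone) is still a hole, so the resolver result, not just the name, must be tested before the socket is opened.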
Only SonicWall SMA1000 series appliances are affected. Other product lines, including SonicWall Firewalls and SMA 100 series, remain unaffected by this flaw.
Affected Product | Impacted Versions | Fixed Version |
---|---|---|
SMA1000 | ≤ 12.4.3-02907 (platform-hotfix) | ≥ 12.4.3-02925 (platform-hotfix) |
“SonicWall PSIRT strongly advises users of the SMA1000 product to upgrade to the latest hotfix release version to address the vulnerability,” the advisory warns.
The recommended patch is available through MySonicWall, SonicWall’s customer portal.