SonicWall Security Alarm: Critical Bugs Exploited – Patch Now or Regret Later!

SonicWall this week warned of active exploitation of vulnerabilities in its Secure Mobile Access (SMA) 100 Series products. CVE-2023-44221 requires admin privileges, but CVE-2024-38475 is a critical flaw that’s exploitable remotely. Update your appliances, unless you enjoy living on the edge of cyber chaos!

3P
Published: May 1, 2025 10:00 amAdded: May 1, 2025 at 3:17 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Oh, SonicWall, when it rains, it pours! It’s like your SMA 100 Series products are playing a game of “Who Wants to Be a Vulnerability?” with hackers as the eager contestants. With OS command injections and path traversals, it’s a hacker’s paradise out there. Time to patch up those digital fortresses before they become more hole than wall!

Key Points:

  • SonicWall warns of active exploitation of two vulnerabilities in SMA 100 Series products.
  • CVE-2023-44221 is an OS command injection bug requiring admin privileges.
  • CVE-2024-38475 is a critical path traversal flaw in Apache HTTP Server, exploitable without authentication.
  • Both vulnerabilities were patched in software updates released in December 2023 and 2024.
  • Clients urged to update to the latest software, as exploitations are happening in the wild.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?