SonicWall Security Snafu: Exploited Flaws Now Patched, But Is It Too Late?

SonicWall has discovered that two patched security flaws in its SMA100 appliances are being exploited in the wild. These vulnerabilities can lead to OS command injection and unauthorized access to files. SonicWall urges users to check their devices for unauthorized logins. Remember, keeping your security updated is like flossing—don’t skip it!

3P
Published: May 1, 2025 7:01 amAdded: May 1, 2025 at 12:22 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Looks like SonicWall’s SMA100 devices have been playing a dangerous game of hide and seek with hackers. But don’t worry, folks, the vulnerabilities have been patched! So, it’s time to update your devices faster than a hacker can say “unauthorized access”.

Key Points:

  • SonicWall SMA100 devices had two critical vulnerabilities now patched.
  • CVE-2023-44221 allows command injection by remote authenticated attackers.
  • CVE-2024-38475 involves improper URL to file system mapping in Apache HTTP Server.
  • Exploits already happening in the wild, urging immediate attention from users.
  • Patch updates released in December 2023 and December 2024.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?