SonicWall Patches 3 Flaws in SMA 100 Devices Allowing Attackers to Run Code as Root

May 17, 2025

SonicWall has released patches to address three security flaws affecting SMA 100 Secure Mobile Access (SMA) appliances that could be fashioned to result in remote code execution.
The vulnerabilities are listed below –

CVE-2025-32819 (CVSS score: 8.8) – A vulnerability in SMA100 allows a remote authenticated attacker with SSL-VPN user privileges to bypass the path traversal checks and delete an

Source: Read More

Previous ArticleChinese Hackers Exploit SAP RCE Flaw CVE-2025-31324, Deploy Golang-Based SuperShell

Next Article Cisco Patches CVE-2025-20188 (10.0 CVSS) in IOS XE That Enables Root Exploits via JWT

Highlights

CVE-2025-3852 – WordPress WPshop E-Commerce Privilege Escalation Vulnerability

May 6, 2025

CVE ID : CVE-2025-3852

Published : May 7, 2025, 3:15 a.m. | 20 minutes ago

Description : The WPshop 2 – E-Commerce plugin for WordPress is vulnerable to privilege escalation via account takeover in versions 2.0.0 to 2.6.0. This is due to the plugin not properly validating a user’s identity prior to updating their details like email & password through the update() function. This makes it possible for authenticated attackers, with subscriber-level access and above, to change arbitrary user’s passwords, including administrators, and leverage that to gain access to their account.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

Microsoft’s allegiance isn’t to OpenAI’s pricey models — Satya Nadella’s focus is selling any AI customers want for maximum profits

If you think you can do better than Xbox or PlayStation in the Console Wars, you may just want to try out this card game

Surviving a 10 year stint in dev hell, this retro-styled hack n’ slash has finally arrived on Xbox

Save $400 on the best Samsung TVs, laptops, tablets, and more when you sign up for Verizon 5G Home or Home Internet

NodeSource N|Solid Runtime Release – May 2025: Performance, Stability & the Final Update for v18

NodeSource N|Solid Runtime Release – May 2025: Performance, Stability & the Final Update for v18

Big Changes at Meteor Software: Our Next Chapter

Apps in Generative AI – Transforming the Digital Experience

Microsoft’s allegiance isn’t to OpenAI’s pricey models — Satya Nadella’s focus is selling any AI customers want for maximum profits

Microsoft’s allegiance isn’t to OpenAI’s pricey models — Satya Nadella’s focus is selling any AI customers want for maximum profits

If you think you can do better than Xbox or PlayStation in the Console Wars, you may just want to try out this card game

Surviving a 10 year stint in dev hell, this retro-styled hack n’ slash has finally arrived on Xbox

SonicWall Patches 3 Flaws in SMA 100 Devices Allowing Attackers to Run Code as Root

February 2025 Baseline monthly digest

Learn A1 Level Spanish

Some of Call of Duty: Warzone’s biggest players use this weapon optic, so I tried it — it totally changed the game

AT&T Confirms Data Breach Affecting Nearly All Wireless Customers

Elden Ring: How to access the DLC and start Shadow of the Erdtree

Google researchers successfully found a zero-day vulnerability using LLM assisted vulnerability detection

CVE-2025-3852 – WordPress WPshop E-Commerce Privilege Escalation Vulnerability

Weekly Vulnerability Report: Critical Flaws Identified by Cyble in Microsoft, Adobe, MOVEit & More

Buying a Samsung Galaxy Z Fold 6? Make sure to order this model

CVE-2025-4529 – Seeyon Zhiyuan OA Web Application System Path Traversal Vulnerability

SonicWall Patches 3 Flaws in SMA 100 Devices Allowing Attackers to Run Code as Root

Related Posts