CISA Warns of SonicWall SMA100 OS Command Injection Vulnerability Exploited in Wild

May 2, 2025

CISA Warns of SonicWall SMA100 OS Command Injection Vulnerability Exploited in Wild

CISA has added the SonicWall SMA100 OS Command Injection Vulnerability, tracked as CVE-2023-44221, to its Known Exploited Vulnerabilities (KEV) catalog.
According to CISA’s May 1, 2025 advisory, this …

Published Date:
May 02, 2025 (2 hours, 32 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2024-38475

CVE-2023-44221

Source: Read More

Previous ArticleRedis Reintroduces Open-Source AGPL Alongside SSPL Licensing

Next Article CISA Warns of Apache HTTP Server Escape Vulnerability Exploited in the Wild

Highlights

CVE-2025-4219 – WordPress DPEPress Stored Cross-Site Scripting

May 21, 2025

CVE ID : CVE-2025-4219

Published : May 21, 2025, 12:16 p.m. | 2 hours, 34 minutes ago

Description : The DPEPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘dpe’ shortcode in all versions up to, and including, 0.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Severity: 6.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

React.js for SaaS Platforms: How Top Development Teams Help Startups Launch Faster

Upwork Freelancers vs Dedicated React.js Teams: What’s Better for Your Project in 2025?

Is Agile dead in the age of AI?

Top 15 Enterprise Use Cases That Justify Hiring Node.js Developers in 2025

Unplugging these 7 common household devices helped reduce my electricity bills

DistroWatch Weekly, Issue 1133

Anthropic beats OpenAI as the top LLM provider for business – and it’s not even close

I bought Samsung’s Galaxy Watch Ultra 2025 – here’s why I have buyer’s remorse

The details of TC39’s last meeting

The details of TC39’s last meeting

Enhancing Laravel Queries with Reusable Scope Patterns

Everything We Know About Livewire 4

DistroWatch Weekly, Issue 1133

DistroWatch Weekly, Issue 1133

Newelle, a ‘Virtual Assistant’ for GNOME, Hits Version 1.0

Bustle – visualize D-Bus activity

CISA Warns of SonicWall SMA100 OS Command Injection Vulnerability Exploited in Wild

CISA Warns of SonicWall SMA100 OS Command Injection Vulnerability Exploited in Wild

CVE-2025-6754 – “WordPress SEO Metrics Privilege Escalation”

CVE-2025-7710 – “Brave Conversion Engine WordPress Facebook Authentication Bypass”

June 2025: All AI updates from the past month

Vulnerable firmware for Gigabyte motherboards could allow bootkit installation

Xbox is readying three next-gen controller prototypes, incuding Elite Series 3

CVE-2025-2745 – AVEVA PI Web API Cross-Site Scripting (XSS) Vulnerability

CVE-2025-4219 – WordPress DPEPress Stored Cross-Site Scripting

CVE-2025-20221 – Cisco IOS XE SD-WAN Remote Packet Filtering Bypass Vulnerability

Chrome tests New Page Contextual Search in desktop address bar

FortiOS SSL-VPN Vulnerability Let Attackers Access full SSL-VPN settings

CISA Warns of SonicWall SMA100 OS Command Injection Vulnerability Exploited in Wild

CISA Warns of SonicWall SMA100 OS Command Injection Vulnerability Exploited in Wild

Related Posts