VYPR
Unrated severityCISA KEVNVD Advisory· Published Dec 5, 2023· Updated Oct 21, 2025

CVE-2023-44221

CVE-2023-44221

Description

Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative privilege to inject arbitrary commands as a 'nobody' user, potentially leading to OS Command Injection Vulnerability.

Affected products

2
  • SonicWall/SMA100llm-fuzzy2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: 10.2.1.9-57sv and earlier versions

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.