Unrated severityCISA KEVNVD Advisory· Published Dec 5, 2023· Updated Oct 21, 2025
CVE-2023-44221
CVE-2023-44221
Description
Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative privilege to inject arbitrary commands as a 'nobody' user, potentially leading to OS Command Injection Vulnerability.
Affected products
2Patches
Vulnerability mechanics
References
1- psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0018mitrevendor-advisory
News mentions
0No linked articles in our index yet.