High severity7.2NVD Advisory· Published Apr 9, 2026· Updated May 14, 2026
CVE-2026-4116
CVE-2026-4116
Description
Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN user to bypass Workplace/Connect Tunnel TOTP authentication.
Affected products
6cpe:2.3:o:sonicwall:sma6210_firmware:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:sonicwall:sma6210_firmware:*:*:*:*:*:*:*:*range: <12.4.3-03387
- cpe:2.3:o:sonicwall:sma7210_firmware:*:*:*:*:*:*:*:*range: <12.4.3-03387
Patches
Vulnerability mechanics
References
1- psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0003nvdVendor Advisory
News mentions
0No linked articles in our index yet.