CVE-2025-40595

Published May 14, 2025

Last updated a month ago

Overview

Description
A server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface. By using an encoded URL, a remote unauthenticated attacker could potentially cause the appliance to make requests to an unintended location.
Source
PSIRT@sonicwall.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
7.2
Impact score
2.7
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Severity
HIGH

Weaknesses

PSIRT@sonicwall.com
CWE-918

Social media

Hype score
Not currently trending
  1. ⚠️Vulnerability in SonicWall devices ❗CVE-2025-40595 ➡️More info: https://t.co/QKJcAbXeOx https://t.co/pllLRasHD4

    @CERTpy

    19 May 2025

    117 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2025-40595 (CVSS:7.2, HIGH) is Awaiting Analysis. A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface. By..https://t.co/C9ARLNg8VP #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre

    @cracbot

    19 May 2025

    5 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. Serious SSRF vulnerability in the SonicWall "SMA1000" series (CVE-2025-40595) #セキュリティ対策Lab #セキュリティ #Security https://t.co/C4yKGQV5KF

    @securityLab_jp

    19 May 2025

    40 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. Threat Alert: Patch Now: SonicWall SMA1000 Flaw (CVE-2025-40595) Enables Stealth SSRF Attacks CVE-2025-40595 Severity: 🔴 High Maturity: 💢 Emerging Learn more: https://t.co/ka4lxIevrI #CyberSecurity #ThreatIntel #InfoSec

    @fletch_ai

    17 May 2025

    37 Impressions

    0 Retweets

    0 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  5. Urgent: SonicWall SMA1000 series vulnerability (CVE-2025-40595) allows remote exploitation via encoded URLs. Update firmware to 12.4.3-02963 immediately. #CyberSecurity #SonicWall #SSRF https://t.co/z3XQjTBPLu

    @dailytechonx

    16 May 2025

    2 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. CVE-2025-40595 A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface. By using an encoded URL, a remote unauthenticate… https://t.co/Zq3DCBRPvi

    @CVEnew

    14 May 2025

    163 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes
