AI description
CVE-2025-40596 is a stack-based buffer overflow vulnerability found in the web interface of the SonicWall SMA100 series. This vulnerability allows a remote, unauthenticated attacker to potentially cause a denial of service (DoS) or achieve code execution. The vulnerability is located in the `/usr/src/EasyAccess/bin/httpd` binary, which handles incoming HTTP requests to the SonicWall SSLVPN. The stack-based buffer overflow can be triggered by sending a malformed HTTP request.
- Description
- A Stack-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution.
- Source
- PSIRT@sonicwall.com
- NVD status
- Analyzed
- Products
- sma_500v_firmware, sma_210_firmware, sma_410_firmware
CVSS 3.1
- Type
- Secondary
- Base score
- 7.3
- Impact score
- 3.4
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
- Severity
- HIGH
- PSIRT@sonicwall.com
- CWE-121
- Hype score
- Not currently trending
We added version based SonicWall SMA100 CVE-2025-40596 detection to our daily scans - at least 3200 IPs seen still unpatched! Top affected: US, Japan, Germany Dashboard map: https://t.co/EQgIJ06ie8 NVD entry: https://t.co/WsDMlOBuVK SonicWall advisory: https://t.co/MHBCP8rx6X
@Shadowserver
7 Aug 2025
4872 Impressions
21 Retweets
37 Likes
12 Bookmarks
2 Replies
0 Quotes
Akira Ransomware Exploits SonicWall SMA100 Vulnerabilities: What You Need to Know https://t.co/Ug8h91rbMS New SonicWall SMA100 vulnerabilities (CVE-2025-40596 to CVE-2025-40599) could enable remote code execution—even on patched devices. While Akira ransomware activity has sur
@f1tym1
5 Aug 2025
59 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
We are now scanning for CVE-2025-40596, CVE-2025-40597 and CVE-2025-40598. In other (related news), HttpIOCScan has a new template to detect backdoors on SonicWall SMAs: https://t.co/2KqQXf4C4W https://t.co/3jVoyTmfP3
@leak_ix
1 Aug 2025
7889 Impressions
20 Retweets
89 Likes
48 Bookmarks
1 Reply
0 Quotes
[1day1line] CVE-2025-40596: (Pre-auth) Stack Buffer Overflow in SonicWall SMA100 Leading to DoS https://t.co/zobUm6De7Y Today's 1day1line features a stack buffer overflow vulnerability in the SonicWall SMA100 series, which are products that use SSL VPN. Notably, this attack can
@hackyboiz
30 Jul 2025
821 Impressions
5 Retweets
14 Likes
8 Bookmarks
0 Replies
0 Quotes
2025-07-29 の人気記事はコチラでした。(自動ツイート) #Hacker_Trends ――― Stack Overflows, Heap Overflows, and Existential Dread (SonicWall SMA100 CVE-2025-40596, CVE-2025-40597 and CVE-2025-40598) https://t.co/ZQvOvq2f5n https://t.co/MvjslfRtDF
@motikan2010
30 Jul 2025
105 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
⚠️Vulnerabilidades en SonicWall SMA 100 ❗CVE-2025-40597 ❗CVE-2025-40596 ➡️Más info: https://t.co/KJngjLW5SF https://t.co/rdCcIRxMOu
@CERTpy
29 Jul 2025
117 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes
SonicWallのSSL-VPN機器「SMA100シリーズ」において、複数の重大な脆弱性(CVE-2025-40596, 40597, 40598)が発見された。影響を受けるのはファームウェア10.2.1.15で、いずれも認証不要で攻撃可能な深刻な欠陥である。
@yousukezan
29 Jul 2025
698 Impressions
0 Retweets
4 Likes
1 Bookmark
0 Replies
0 Quotes
Stack Overflows, Heap Overflows, and Existential Dread (SonicWall SMA100 CVE-2025-40596, CVE-2025-40597 and CVE-2025-40598) https://t.co/Zerp9O3rP0
@Dinosn
29 Jul 2025
2082 Impressions
3 Retweets
12 Likes
2 Bookmarks
0 Replies
0 Quotes
Stack Overflows, Heap Overflows, and Existential Dread (SonicWall SMA100 CVE-2025-40596, CVE-2025-40597 and CVE-2025-40598) https://t.co/BI4s1mxx8J https://t.co/UuVcbXV64G
@secharvesterx
29 Jul 2025
59 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-40596 A Stack-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of Service (DoS) or potentially… https://t.co/25jqe4G33V
@CVEnew
23 Jul 2025
293 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sma_500v_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3418E737-CB38-4736-9725-AD05A1AB29CF",
"versionEndExcluding": "10.2.2.1-90sv"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:sma_500v:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A6AD8A33-7CE4-4C66-9E23-F0C9C9638770"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sma_210_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "786BB26D-B943-4564-B8CC-3260EF2AACED",
"versionEndExcluding": "10.2.2.1-90sv"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:sma_210:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "51587338-4A5F-41FC-9497-743F061947C2"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sma_410_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "057D8219-D4F0-49FB-8EE4-6BBBDAED49DB",
"versionEndExcluding": "10.2.2.1-90sv"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:sma_410:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "9DFB8FBC-FFA4-4526-B306-D5692A43DC9E"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]