CVE-2025-40598

Published Jul 23, 2025

Last updated 14 days ago

CVSS medium 6.1
SMA100

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-40598 is a reflected cross-site scripting (XSS) vulnerability found in the SMA100 series web interface. It allows a remote, unauthenticated attacker to potentially execute arbitrary JavaScript code. The vulnerability is located in the `radiusChallengeLogin` endpoint and can be triggered by injecting a malicious JavaScript code via the `state` parameter. The injected code is reflected directly into the response without any filtering. The SMA100's built-in web application firewall (WAF) appears to be inactive on management interfaces, which means even basic XSS payloads can be successful. An attacker can inject malicious code into a web page, which will then run in a user's browser if they visit a specially crafted link.

Description
A Reflected cross-site scripting (XSS) vulnerability exists in the SMA100 series web interface, allowing a remote unauthenticated attacker to potentially execute arbitrary JavaScript code.
Source
PSIRT@sonicwall.com
NVD status
Analyzed
Products
sma_500v_firmware, sma_210_firmware, sma_410_firmware

Risk scores

CVSS 3.1

Type
Secondary
Base score
6.1
Impact score
2.7
Exploitability score
2.8
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Severity
MEDIUM

Weaknesses

PSIRT@sonicwall.com
CWE-79

Social media

Hype score
Not currently trending

  1. We are now scanning for CVE-2025-40596, CVE-2025-40597 and CVE-2025-40598. In other (related news), HttpIOCScan has a new template to detect backdoors on SonicWall SMAs: https://t.co/2KqQXf4C4W https://t.co/3jVoyTmfP3

    @leak_ix

    1 Aug 2025

    7889 Impressions

    20 Retweets

    89 Likes

    48 Bookmarks

    1 Reply

    0 Quotes

  2. 2025-07-29 の人気記事はコチラでした。(自動ツイート) #Hacker_Trends ――― Stack Overflows, Heap Overflows, and Existential Dread (SonicWall SMA100 CVE-2025-40596, CVE-2025-40597 and CVE-2025-40598) https://t.co/ZQvOvq2f5n https://t.co/MvjslfRtDF

    @motikan2010

    30 Jul 2025

    105 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  3. Stack Overflows, Heap Overflows, and Existential Dread (SonicWall SMA100 CVE-2025-40596, CVE-2025-40597 and CVE-2025-40598) https://t.co/Zerp9O3rP0

    @Dinosn

    29 Jul 2025

    2082 Impressions

    3 Retweets

    12 Likes

    2 Bookmarks

    0 Replies

    0 Quotes

  4. Stack Overflows, Heap Overflows, and Existential Dread (SonicWall SMA100 CVE-2025-40596, CVE-2025-40597 and CVE-2025-40598) https://t.co/BI4s1mxx8J https://t.co/UuVcbXV64G

    @secharvesterx

    29 Jul 2025

    59 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. CVE-2025-40598 Reflected Cross-Site Scripting Vulnerability in Cisco SMA100 Series Web Interface https://t.co/pp8GJamHIR

    @VulmonFeeds

    23 Jul 2025

    75 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  6. CVE-2025-40598 A Reflected cross-site scripting (XSS) vulnerability exists in the SMA100 series web interface, allowing a remote unauthenticated attacker to potentially execute arbi… https://t.co/1lQLAyz3tW

    @CVEnew

    23 Jul 2025

    238 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

References

Sources include official advisories and independent security research.