CVE-2026-15409
Published Jul 14, 2026
Last updated 2 hours ago
AI description
CVE-2026-15409 is a critical server-side request forgery (SSRF) vulnerability impacting SonicWall SMA 1000 Series appliances. This flaw resides within the SMA1000 Appliance WorkPlace interface. Exploitation of CVE-2026-15409 can allow remote, unauthenticated attackers to compel the appliance to initiate requests to unintended network locations. This vulnerability has been observed in active exploitation, frequently in conjunction with CVE-2026-15410. SonicWall has released firmware patches to address this issue and advises customers to upgrade their appliances and investigate for potential compromise.
- Description
- A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface. A remote unauthenticated attacker could potentially cause the appliance to make requests to unintended location.
- Source
- PSIRT@sonicwall.com
- NVD status
- Received
- PSIRT@sonicwall.com
- CWE-918
- Hype score
- Not currently trending
SonicWall warns that two SMA1000 vulnerabilities (CVE-2026-15409 and CVE-2026-15410) are being used in zero-day attacks. Act now: install the latest security updates to protect your network. https://t.co/xLk14CE0GN
@trubetech
14 Jul 2026
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
SonicWall SMA appliances targeted in zero-day attacks (CVE-2026-15409, CVE-2026-15410) https://t.co/feLgfWplNj
@TheCyberSecHub
14 Jul 2026
782 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
SonicWall SMA appliances targeted in zero-day attacks (CVE-2026-15409, CVE-2026-15410) https://t.co/xQpU3GYHd0
@lgomezperu
14 Jul 2026
38 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#SonicWall SMA appliances targeted in zero-day attacks (#CVE-2026-15409, CVE-2026-15410) https://t.co/n7FywzAmvH https://t.co/aylTCjJWDu
@evanderburg
14 Jul 2026
61 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
SonicWall SMA appliances targeted in zero-day attacks (CVE-2026-15409, CVE-2026-15410): SonicWall has fixed two actively exploited vulnerabilities (CVE-2026-15409, CVE-2026-15410) affecting its Secure Mobile Access (SMA) 1000 Series appliances, and is… https://t.co/duxrViYJjx h
@shah_sheikh
14 Jul 2026
37 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
SonicWall SMA appliances targeted in zero-day attacks (CVE-2026-15409, CVE-2026-15410) - https://t.co/D2wjIDzVuq - @SonicWall #CVE #CyberSecurity #CyberSecurityNews
@helpnetsecurity
14 Jul 2026
402 Impressions
1 Retweet
2 Likes
0 Bookmarks
0 Replies
0 Quotes