
CVE-2023-44221 - SonicWall SMA100 Appliances OS Command Injection Vulnerability

Project: SonicWall

Product: SMA100 Appliances

Date Added: 2025-05-01

Due Date: 2025-05-22

Vulnerability Name

SonicWall SMA100 Appliances OS Command Injection Vulnerability

Description

SonicWall SMA100 appliances contain an OS command injection vulnerability in the SSL-VPN management interface that allows a remote, authenticated attacker with administrative privilege to inject arbitrary commands as a 'nobody' user.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Additional Notes

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0018

https://nvd.nist.gov/vuln/detail/CVE-2023-44221

Related News Articles

SonicWall Patches 3 Flaws in SMA 100 Devices Allowing Attackers to Run Code as Root - May 8, 2025

SonicWall urges admins to patch VPN flaw exploited in attacks - May 8, 2025

Attackers exploited old flaws to breach SonicWall SMA appliances (CVE-2024-38475, CVE-2023-44221) - May 2, 2025