SonicWall SMA100 SSL-VPN Cross-Site Scripting (CVE-2025-40598)
- Dee Sehejpal BSc (HONS)
- Aug 1

Appliance Details
The SonicWall SMA100 Series offers secure end-to-end remote access.
Vulnerability
A reflected cross-site scripting vulnerability exists in the SMA100 series web interface.
Identification
This could allow a remote unauthenticated attacker to potentially execute arbitrary JavaScript code. This may lead to data theft, session hijacking, or further exploitation of the affected systems.
GET /cgi-bin/radiusChallengeLogin?portalName=portal1&status=needchallenge&state=/"><img/src=x+onerror=alert`1`>
Detection
By turning this request into a traffic file and matching rule, we are able to detect attempts by an unauthenticated remote attacker to potentially execute arbitrary JavaScript code.
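The same idea applied to web access logs, as an added example that is not Idappcom's signature 8026175 or traffic file: it flags requests to the endpoint shown above whose query parameters decode to markup. The log format, the sample lines, the function names and the markup pattern are assumptions made for illustration.

```python
import re
from urllib.parse import parse_qsl, unquote

ENDPOINT = "/cgi-bin/radiusChallengeLogin"  # path taken from the request above
REQUEST = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')
# Assumption: legitimate values on this endpoint never contain markup
# characters or inline event-handler attributes.
MARKUP = re.compile(r"""[<>"'`]|\bon[a-z]+\s*=""", re.I)

def fully_decode(value, rounds=3):
    """Undo up to `rounds` layers of percent-encoding before matching."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_params(target):
    """Names of query parameters on ENDPOINT whose decoded value has markup."""
    path, _, query = target.partition("?")
    if fully_decode(path) != ENDPOINT:
        return []
    pairs = parse_qsl(query, keep_blank_values=True)
    return [name for name, value in pairs if MARKUP.search(fully_decode(value))]

def scan(log_lines):
    """Yield (line_number, parameter_names) for each matching access-log line."""
    for number, line in enumerate(log_lines, 1):
        match = REQUEST.search(line)
        hits = suspicious_params(match.group(1)) if match else []
        if hits:
            yield number, hits

# Constructed sample lines (combined log format, documentation IP addresses).
SAMPLE = [
    '198.51.100.7 - - [01/Aug/2025:10:00:01 +0000] "GET /cgi-bin/radiusChallengeLogin?portalName=portal1&status=needchallenge&state=abc123 HTTP/1.1" 200 512',
    '203.0.113.9 - - [01/Aug/2025:10:00:05 +0000] "GET /cgi-bin/radiusChallengeLogin?portalName=portal1&status=needchallenge&state=/"><img/src=x+onerror=alert`1`> HTTP/1.1" 200 498',
    '203.0.113.9 - - [01/Aug/2025:10:00:09 +0000] "GET /cgi-bin/radiusChallengeLogin?portalName=portal1&status=needchallenge&state=%2F%22%3E%3Cimg%2Fsrc%3Dx%2Bonerror%3Dalert%601%60%3E HTTP/1.1" 200 498',
    '198.51.100.7 - - [01/Aug/2025:10:00:12 +0000] "GET /index.html?q=%3Cb%3E HTTP/1.1" 200 1024',
]

if __name__ == "__main__":
    for number, names in scan(SAMPLE):
        print(f"line {number}: markup in parameter(s) {names}")
```

Matching on the decoded value matters because a proxy or web server log usually records the percent-encoded form of the request rather than the raw characters.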
Coverage
Idappcom have created signature 8026175 along with a traffic file for this vulnerability.
Traffic IQ
If you are concerned that your business may be at risk of this vulnerability or others, why not try out our Traffic IQ software, which can scan your defences and report any issues? Learn more here: https://www.idappcom.co.uk/traffic-iq-professional