SECURITYTHE HACKER NEWS
Two SonicWall SMA 1000 Zero-Days Exploited, One Could Enable Admin Commands
SonicWall has warned of active exploitation of two zero-day vulnerabilities in Secure Mobile Access (SMA) 1000 series appliances, one of which could allow arbitrary command execution. The first vulnerability, CVE-2026-15409, is a server-side request forgery (SSRF) flaw exploitable by unauthenticated attackers.
Mentioned
Related Signal
Adjacent reporting
- Cisco customers encounter another SD-WAN zero-day under attack
- Bug of the year (so far): Nasty cPanel vulnerability probably exploited as a 0-day
- Cisco warns of new critical SD-WAN flaw exploited in zero-day attacks
- Cisco warns of unpatched SD-WAN zero-day exploited in attacks
- Google spotted an AI-developed zero-day before attackers could use it