CVE-2019-7481

HIGH KEV RANSOMWARE NUCLEI

SonicWall SMA100 <9.0.0.3 - Info Disclosure

Title source: llm

Description

Vulnerability in SonicWall SMA100 allow unauthenticated user to gain read-only access to unauthorized resources. This vulnerablity impacted SMA100 version 9.0.0.3 and earlier.

Nuclei Templates (1)

SonicWall SRA 4600 VPN - SQL Injection

HIGHby _darrenmartyn

References (2)

[Vendor Advisory] https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0016

[US Government Resource] https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-7481

Scores

CVSS v3 7.5

EPSS 0.9438

EPSS Percentile 100.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitation Intel

CISA KEV 2021-11-03

VulnCheck KEV 2021-11-03

InTheWild.io 2021-11-03

ENISA EUVD EUVD-2019-17023

Ransomware Use Confirmed

Classification

CWE

CWE-89

Status published

Affected Products (1)

sonicwall/sma_100_firmware < 9.0.0.4

Timeline

Published Dec 17, 2019

KEV Added Nov 03, 2021

Tracked Since Feb 18, 2026