CVE-2019-7483

HIGH KEV

SonicWall SMA100 - Path Traversal

Title source: llm

Description

In SonicWall SMA100, an unauthenticated Directory Traversal vulnerability in the handleWAFRedirect CGI allows the user to test for the presence of a file on the server.

References (2)

[Vendor Advisory] https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0018

[US Government Resource] https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-7483

Scores

CVSS v3 7.5

EPSS 0.3916

EPSS Percentile 97.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitation Intel

CISA KEV 2022-03-28

VulnCheck KEV 2022-03-28

InTheWild.io 2022-03-28

ENISA EUVD EUVD-2019-17025

Classification

CWE

CWE-22

Status published

Affected Products (1)

sonicwall/sma_100_firmware < 9.0.0.4

Timeline

Published Dec 19, 2019

KEV Added Mar 28, 2022

Tracked Since Feb 18, 2026