CVE-2026-4112

Vulnerability Description

Improper neutralization of special elements used in an SQL command (“SQL Injection”) in SonicWall SMA1000 series appliances allows a remote authenticated attacker with read-only administrator privileges to escalate privileges to primary administrator.

Vulnerability Details

Published Date

April 09, 2026

Last Modified

April 13, 2026

CWE ID

CWE-89

Source

NVD

External References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0003

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment