CVE-2025-40597

High

A Heap-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of…

sonicwall·CWE-122·Published 2025-07-23

CVSS

7.5

EPSS

0.29

KEV

Exploits

Vendor statements (1)

psirt.global.sonicwall.com

cve.orgen

192 chars

A Heap-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution.

NVDes

240 chars

Una vulnerabilidad de desbordamiento de búfer basada en montón en la interfaz web de la serie SMA100 permite que un atacante remoto no autenticado provoque una denegación de servicio (DoS) o potencialmente resulte en la ejecución de código.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	7.5	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.1	Primary	cve.org	7.5	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.1	Secondary	NVD	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H