CVE-2023-44221: SonicWall SMA100 Appliances OS Command Injection Vulnerability

Published Dec 5, 2023
·
Updated

Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative privilege to inject arbitrary commands as a 'nobody' user, potentially leading to OS Command Injection Vulnerability.

Other sources

SonicWall SMA100 appliances contain an OS command injection vulnerability in the SSL-VPN management interface that allows a remote, authenticated attacker with administrative privilege to inject arbitrary commands as a 'nobody' user.

CISA

Affected Software

11 affected components
SonicWall SMA100 Appliances
All of the following
SonicWall Sma 200 Firmware<=10.2.1.9-57sv
SonicWall SMA 200
All of the following
SonicWall Sma 210 Firmware<=10.2.1.9-57sv
SonicWall Sma 210
All of the following
SonicWall Sma 400 Firmware<=10.2.1.9-57sv
SonicWall Sma 400
All of the following
SonicWall Sma 410 Firmware<=10.2.1.9-57sv
SonicWall Sma 410
All of the following
SonicWall Sma 500v Firmware<=10.2.1.9-57sv
SonicWall Sma 500v

Remediation

Information

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Event History

Dec 5, 2023
CVE Published
via MITRE·08:10 PM
Data Sourced
via MITRE·08:10 PM
DescriptionWeakness
Data Sourced
via NVD·09:15 PM
DescriptionSeverityWeaknessAffected Software
Apr 30, 2025
News Published
via BleepingComputer·05:23 PM
News Published
via BleepingComputer·05:25 PM
May 1, 2025
Known Exploited
via CISA·12:00 AM
May 8, 2025
News Published
via BleepingComputer·11:19 AM

Peer vulnerabilities

Found alongside the following vulnerabilities.

Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Frequently Asked Questions

1

What is the severity of CVE-2023-44221?

CVE-2023-44221 has been classified with a medium to high severity, indicating a significant risk for systems affected.

2

How do I fix CVE-2023-44221?

To mitigate CVE-2023-44221, users should upgrade to the latest firmware versions of the SonicWall SMA series that address this vulnerability.

3

Who is affected by CVE-2023-44221?

CVE-2023-44221 impacts SonicWall SMA models 200, 210, 400, 410, and 500v running firmware versions up to and including 10.2.1.9-57sv.

4

What type of vulnerability is CVE-2023-44221?

CVE-2023-44221 is categorized as an OS command injection vulnerability due to improper neutralization in the SSL-VPN management interface.

5

Can CVE-2023-44221 be exploited remotely?

Yes, CVE-2023-44221 can be exploited by a remote authenticated attacker with administrative privileges.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203