Skip to main content

Sma1000

2 CVEs product

Monthly

CVE-2026-15410 HIGH POC KEV THREAT NEWS Act Now

Post-authentication improper control of generation of code ('Code Injection') vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) which in specific conditions could potentially enable a remote authenticated attacker as administrator to execute arbitrary OS commands.

RCE Code Injection Sma1000
NVD VulDB
CVSS 3.1
7.2
EPSS
1.6%
Threat
5.4
CVE-2026-15409 CRITICAL POC KEV THREAT NEWS Emergency

A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface. A remote unauthenticated attacker could potentially cause the appliance to make requests to unintended location.

SSRF Sma1000
NVD VulDB
CVSS 3.1
10.0
EPSS
1.4%
Threat
6.1
EPSS 2% 5.4 CVSS 7.2
HIGH POC KEV THREAT Act Now

Post-authentication improper control of generation of code ('Code Injection') vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) which in specific conditions could potentially enable a remote authenticated attacker as administrator to execute arbitrary OS commands.

RCE Code Injection Sma1000
NVD VulDB
EPSS 1% 6.1 CVSS 10.0
CRITICAL POC KEV THREAT Emergency

A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface. A remote unauthenticated attacker could potentially cause the appliance to make requests to unintended location.

SSRF Sma1000
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy