CVE-2026-4112

UNKNOWN View on NVD ↗

Description

Improper neutralization of special elements used in an SQL command (“SQL Injection”) in SonicWall SMA1000 series appliances allows a remote authenticated attacker with read-only administrator privileges to escalate privileges to primary administrator.

References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0003

Published: Apr 09, 2026 15:16 UTC Modified: Apr 09, 2026 15:16 UTC