Vulnerability detail
Enriched intelligence for a single CVE
CVE-2025-40598
PUBLISHEDA Reflected cross-site scripting (XSS) vulnerability exists in the SMA100 series web interface, allowing a remote unauthenticated attacker to...
- Vendor
- SonicWall
- Product
- SMA 100 Series
- Published
- Jul 23, 2025
- EPSS
- —
Automate this intelligence with the Pro API
Everything on this page — CVSS, EPSS, exploit status, PoCs, scanner integrations, mentions, tags, and immediate honeypot data — is available programmatically for VM, SOC, and CTI workflows.
Description
A Reflected cross-site scripting (XSS) vulnerability exists in the SMA100 series web interface, allowing a remote unauthenticated attacker to potentially execute arbitrary JavaScript code.
Weaknesses (CWE)
-
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSS scores
No CVSS data available.
Exploitation status
No exploitation signals recorded yet.
Timeline
-
CVE ID Reserved
-
CVE Published to Public