SonicWall has issued a critical security advisory (SNWLID-2025-0010) for its SMA1000 Appliance Work Place interface, revealing a high-severity Server-Side Request Forgery (SSRF) vulnerability.
The flaw, identified as CVE-2025-40595 with a CVSS v3 score of 7.2, enables unauthenticated attackers to exploit encoded URLs to send unauthorized requests to unintended destinations, potentially compromising internal networks and sensitive data.
https://gbhackers.com/sonicwall-sma1000 ... oded-urls/