CVE-2026-15409 affecting SonicWall SMA1000

This section contains time sensitive announcements about specific cyber threats, vulnerabilities and scams. Each alert has information you need to be aware of, and what actions to take to mitigate any risk to you or your organisation.

Subscribe to our updates to be notified as soon as we publish an alert.

4:30PM, 15 July 2026

TLP Rating: Clear

CVE-2026-15409 affecting SonicWall SMA1000

CVE-2026-15409 is a server-side request forgery (SSRF) vulnerability in the SonicWall SMA1000 Appliance Work Place interface. A remote unauthenticated attacker could potentially cause the appliance to make requests to an unintended location.

What's happening

Systems affected

CVE-2026-15409 affects SMA1000 Models - 6210, 7210, 8200v Appliance Workplace interface.

  • 12.4.3-03245, 12.4.3-03387 and 12.4.3-03434 (platform-hotfix)
  • 12.5.0-02283, 12.5.0-02624 and 12.5.0-02800 (platform-hotfix)

What to look for

How to tell if you're at risk

Please refer to the vendor advisory for Indicators of compromise (IOCs).

What to do

Prevention

Update to the latest patch.

More information

Read more about this alert on the vendor website:

SNWLID-2026-0008 External Link

If you require more information or further support, submit a report on our website:

Report an incident