NVD Vulnerability Detail

Search Exploit, PoC

Exploit DB

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-4112

Summary	Improper neutralization of special elements used in an SQL command (“SQL Injection”) in SonicWall SMA1000 series appliances allows a remote authenticated attacker with read-only administrator privileges to escalate privileges to primary administrator.
Publication Date	April 10, 2026, 12:16 a.m.
Registration Date	April 15, 2026, 11:34 a.m.
Last Update	April 14, 2026, 12:02 a.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0003	PSIRT@sonicwall.com

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-89	SQLインジェクション	https://cwe.mitre.org/data/definitions/89.html