CVE-2025-40600
CRITICAL
Description
Use of Externally-Controlled Format String vulnerability in the SonicOS SSL VPN interface allows a remote unauthenticated attacker to cause service disruption.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| sonicwall | sonicos |
| sonicwall | nsa_2700 |
| sonicwall | nsa_3700 |
| sonicwall | nsa_4700 |
| sonicwall | nsa_5700 |
| sonicwall | nsa_6700 |
| sonicwall | nssp_10700 |
| sonicwall | nssp_11700 |
| sonicwall | nssp_13700 |
| sonicwall | nssp_15700 |
| sonicwall | nsv270 |
| sonicwall | nsv470 |
| sonicwall | nsv870 |
| sonicwall | tz270 |
| sonicwall | tz270w |
| sonicwall | tz370 |
| sonicwall | tz370w |
| sonicwall | tz470 |
| sonicwall | tz470w |
| sonicwall | tz570 |
| sonicwall | tz570p |
| sonicwall | tz570w |
| sonicwall | tz670 |
References
Advisories & Patches
Related Vulnerabilities
ComSndFTP FTP Server version 1.3.7 Beta contains a format string vulnerability in its handling of the USER command. By sending …
Solar FTP Server fails to properly handle format strings passed to the USER command. When a specially crafted string containing …
WM Downloader version 3.1.2.2 is vulnerable to a buffer overflow when processing a specially crafted .m3u playlist file. The application …
In versions of Zend Server 8.5 and prior to version 9.2 a format string injection was discovered. Reported by Dylan …
An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, where the functions `stamgr_cfg_adpt_addStaFavourite` and `stamgr_cfg_adpt_addStaIot` pass …
SOUND4 LinkAndShare Transmitter 1.1.2 contains a format string vulnerability that allows attackers to trigger memory stack overflows through maliciously crafted …