From thehackernews.com
![SonicWall](https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEgTdzwEIazKL1IdHuI1NcNGE2sZchTrb7XxlrDd5DHL-FHWh4qvHuJPHjY24fmTtAyows70s53kU4bwyR5o3h8i8h4hk6Nf5aPJ2F5iLW9yC5HJgkM26KmzaOep81nAwD8aLesFS81sXffSMhhr9Tn4acdENs5n7Ezf-IlQINE7pQIWiYIcB6VH9Ec5/s728-e1000/sonicwall.jpg)
SonicWall has published an advisory warning of a trio of security flaws in its Secure Mobile Access (SMA) 1000 appliances, including a high-severity authentication bypass vulnerability.
The weaknesses in question impact SMA 6200, 6210, 7200, 7210, 8000v running firmware versions 12.4.0 and 12.4.1. The list of vulnerabilities is below –
- CVE-2022-22282 (CVSS score: 8.2) – Unauthenticated Access Control Bypass
- CVE-2022-1702 (CVSS score: 6.1) – URL redirection to an untrusted site (open redirection)
- CVE-2022-1701 (CVSS score: 5.7) – Use of a shared and hard-coded cryptographic key
Successful exploitation of the aforementioned bugs could allow an attacker to unauthorized access to internal resources and even redirect potential victims to malicious websites.