CVE-2025-40599

SMA · SMA 100 series web management interface

An authenticated arbitrary file upload vulnerability exists in the SMA 100 series web management interface, allowing administrative users to upload arbitrary files.

Executive summary

An authenticated remote code execution risk exists in the SMA 100 series web management interface: an attacker holding administrative credentials can upload arbitrary files to the server, which may lead to code execution on the appliance.

Vulnerability

This is an authenticated arbitrary file upload vulnerability. Exploitation requires the attacker to already possess administrative privileges on the web management interface; with those privileges, the attacker can upload malicious files, potentially resulting in remote code execution on the appliance.

Business impact

The ability to upload arbitrary files allows an attacker to gain full control over the SMA 100 series appliance. Given the CVSS score of 9.1, this is a critical threat that could facilitate lateral movement into the internal network or the compromise of sensitive administrative functions.

Remediation

Immediate Action: Update the SMA 100 series firmware to the latest version recommended by the vendor to remediate the file upload vulnerability.

Proactive Monitoring: Monitor the appliance for unauthorized file uploads and for the creation of unexpected files in web-accessible directories, and review administrative logins to the management interface for unrecognized sources.

Compensating Controls: Restrict access to the management interface to trusted IP addresses only, reducing the attack surface available to unauthorized actors.

Exploitation status

Public Exploit Available: Unknown

Analyst recommendation

While this vulnerability requires existing administrative access, the potential for total takeover of the appliance makes it critical. Administrators should verify their firmware version and apply the vendor's security update to remove the risk of arbitrary code execution.