CVE-2026-4112

NONE EPSS 0.07%

Apr 09, 2026

Updated Apr 09, 2026

Sonicwall

Parameter	Value
Type	CWE-89 (SQL Injection)
Vendor	Sonicwall
Public PoC	No

Improper neutralization of special elements used in an SQL command (“SQL Injection”) in SonicWall SMA1000 series appliances allows a remote authenticated attacker with read-only administrator privileges to escalate privileges to primary administrator.

Weakness Type (CWE)

CWE-89 SQL Injection

References 1

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0003

PSIRT@sonicwall.com

Share Post Share Share Share

Related Vulnerabilities

CVE-2026-4116

Sonicwall

None

CVE-2026-4114

Sonicwall

None

CVE-2026-4113

Sonicwall

None

CVE-2026-3470

Sonicwall

3.8

CVE-2026-3469

Sonicwall

2.7

CVE Details

CVE ID

CVE-2026-4112

Published Date

Apr 09, 2026

Vendor

Sonicwall

Severity

NONE

Exploit Prediction (EPSS)

Probability of Exploit 0.07%

Likelihood of exploitation in next 30 days

Percentile: 21.9th percentile (higher than 21.9% of all CVEs)

Standard patching cycle

Impact

Minimal impact

Source

View Advisory

Menu

CVE-2026-4112

Weakness Type (CWE)

References 1

Related Vulnerabilities

CVE-2026-4116

CVE-2026-4114

CVE-2026-4113

CVE-2026-3470

CVE-2026-3469

CVE Details

Editor's Choice

Menu

CVE-2026-4112

Weakness Type (CWE)

References 1

Related Vulnerabilities

CVE-2026-4116

CVE-2026-4114

CVE-2026-4113

CVE-2026-3470

CVE-2026-3469

CVE Details

Editor's Choice

Stay informed on cybersecurity