CVE-2026-0204

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2026-0204
A vulnerability in the access control mechanism of SonicOS may allow certain management interface functions to be accessible under specific conditions.

8.0 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.1 / Impact : 5.9

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0004 Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*
OR cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_3600:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_4600:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_5600:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_6600:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sm_9200:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sm_9250:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sm_9400:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sm_9450:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sm_9600:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sm_9650:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:soho_250:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sohow:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz_300:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz_300p:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz_300w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz_350:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz_350w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz_400:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz_400w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz_500:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz_500w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz_600:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz_600p:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*
cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*
OR cpe:2.3:h:sonicwall:nsa_2700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_3700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_4700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_5700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_6700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nssp_10700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nssp_11700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nssp_13700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nssp_15700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv_270:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv_470:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv_870:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*
OR cpe:2.3:h:sonicwall:nsa_2800:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_3800:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_4800:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_5800:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz280:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz280w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz380:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz380w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz480:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz580:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz680:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz80:-:*:*:*:*:*:*:*
History

05 May 2026, 16:11

Type Values Removed Values Added
CPE cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sohow:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sm_9400:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_4600:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz_350w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz480:-:*:*:*:*:*:*:*
cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz_600p:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_5800:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_2700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sm_9200:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sm_9450:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz380w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz580:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz680:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz280:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_6600:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sm_9650:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nssp_11700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nssp_10700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz_300w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_4700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv_870:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv_270:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz80:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz_350:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_5600:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_5700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv_470:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz380:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_3800:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_3700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz_500w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nssp_15700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_2800:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz_600:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_6700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nssp_13700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sm_9600:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz_300:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz_300p:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sm_9250:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz_400:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz_500:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_4800:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_3600:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:soho_250:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz280w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz_400w:-:*:*:*:*:*:*:*
References () https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0004 - () https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0004 - Vendor Advisory
First Time Sonicwall tz 300p
Sonicwall tz470
Sonicwall nsv 470
Sonicwall nsa 5800
Sonicwall tz380
Sonicwall nsa 4600
Sonicwall tz 350
Sonicwall tz 300
Sonicwall nsa 3650
Sonicwall nsa 5600
Sonicwall nsa 2650
Sonicwall soho 250
Sonicwall nsa 5650
Sonicwall tz370
Sonicwall nsa 2700
Sonicwall tz670
Sonicwall tz 400w
Sonicwall tz 600p
Sonicwall nsa 6600
Sonicwall tz570w
Sonicwall tz370w
Sonicwall nssp 15700
Sonicwall nsa 2800
Sonicwall tz280w
Sonicwall tz 500
Sonicwall tz380w
Sonicwall nssp 10700
Sonicwall tz470w
Sonicwall nsa 6650
Sonicwall sonicos
Sonicwall tz270
Sonicwall sm 9450
Sonicwall nsv 270
Sonicwall sm 9250
Sonicwall soho 250w
Sonicwall nsa 5700
Sonicwall tz 500w
Sonicwall tz 400
Sonicwall nsa 3700
Sonicwall tz580
Sonicwall nsa 4800
Sonicwall nssp 11700
Sonicwall tz480
Sonicwall tz680
Sonicwall nsa 6700
Sonicwall tz 350w
Sonicwall nsa 3600
Sonicwall nssp 13700
Sonicwall tz270w
Sonicwall nsa 4650
Sonicwall tz 600
Sonicwall sm 9200
Sonicwall nsv 870
Sonicwall tz 300w
Sonicwall sm 9600
Sonicwall tz570
Sonicwall
Sonicwall tz80
Sonicwall nsa 3800
Sonicwall tz570p
Sonicwall sm 9400
Sonicwall sohow
Sonicwall sm 9650
Sonicwall nsa 4700
Sonicwall tz280

30 Apr 2026, 15:11

Type Values Removed Values Added
New CVE
Information

Published : 2026-04-29 17:16

Updated : 2026-05-05 16:11

NVD link : CVE-2026-0204

Mitre link : CVE-2026-0204

CVE.ORG link : CVE-2026-0204

JSON object : View

Products Affected

sonicwall

  • tz280
  • sm_9400
  • sm_9250
  • nsa_2650
  • tz_300p
  • tz670
  • nsa_5600
  • sm_9650
  • nsa_5700
  • nssp_13700
  • nsv_270
  • tz270w
  • tz570
  • tz470
  • soho_250
  • tz280w
  • tz570p
  • sonicos
  • nsa_3800
  • nssp_10700
  • nsa_2700
  • nsa_6700
  • tz_400w
  • tz470w
  • tz80
  • tz_300w
  • tz_500
  • tz370w
  • tz380
  • tz_600p
  • nsa_3700
  • sm_9450
  • nsa_3650
  • tz_350
  • tz_350w
  • nssp_11700
  • tz480
  • nsa_3600
  • soho_250w
  • nsa_5800
  • sm_9200
  • tz270
  • nsa_4650
  • nsa_6650
  • tz_400
  • nsv_870
  • tz570w
  • tz380w
  • sohow
  • tz_300
  • tz_500w
  • nsa_4700
  • tz580
  • nsa_4600
  • nsa_5650
  • nsa_6600
  • tz_600
  • nsa_2800
  • tz680
  • nssp_15700
  • nsa_4800
  • tz370
  • nsv_470
  • sm_9600
CWE
CWE-306

Missing Authentication for Critical Function

CWE-1390

Weak Authentication