Path Traversal Vulnerability in SonicWall Email Security Appliance
CVE-2025-40605
5.3MEDIUM
What is CVE-2025-40605?
A Path Traversal vulnerability has been discovered in the SonicWall Email Security Appliance, enabling attackers to manipulate file system paths through crafted directory-traversal sequences. This security flaw can lead to unauthorized access to sensitive files and directories outside of the intended restricted path, posing significant risks to user data integrity and confidentiality. Immediate action is recommended to mitigate potential exploitation.
Affected Version(s)
Email Security Linux 10.0.33.8195 and earlier versions
References
CVSS V3.1
Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Brian Mariani of DigitalCanion SA - www.digitalcanion.com