Path Traversal Vulnerability in SonicWall Email Security Appliance
CVE-2025-40605

Currently unrated

Key Information:

Vendor

Sonicwall
Status
Email Security
Vendor
CVE Published:
20 November 2025

What is CVE-2025-40605?

A Path Traversal vulnerability has been discovered in the SonicWall Email Security Appliance, enabling attackers to manipulate file system paths through crafted directory-traversal sequences. This security flaw can lead to unauthorized access to sensitive files and directories outside of the intended restricted path, posing significant risks to user data integrity and confidentiality. Immediate action is recommended to mitigate potential exploitation.

Affected Version(s)

Email Security Linux 10.0.33.8195 and earlier versions

References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-202...
vendor-advisory

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Brian Mariani of DigitalCanion SA - www.digitalcanion.com
JSON
.
CVE-2025-40605 : Path Traversal Vulnerability in SonicWall Email Security Appliance