CVE-2025-40605

A Path Traversal vulnerability has been identified in the Email Security appliance allows an attacker to manipulate file system paths by injecting crafted directory-traversal sequences (such as ../) and may access files and directories outside the intended restricted path.

CVSS v3 5.3 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0018	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:sonicwall:email_security_appliance_5000_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:email_security_appliance_5000:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:sonicwall:email_security_appliance_5050_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:email_security_appliance_5050:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:sonicwall:email_security_appliance_7000_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:email_security_appliance_7000:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:sonicwall:email_security_appliance_7050_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:email_security_appliance_7050:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:sonicwall:email_security_appliance_9000_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:email_security_appliance_9000:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2025-11-20 15:17

Updated : 2025-12-12 15:43

NVD link : CVE-2025-40605

Mitre link : CVE-2025-40605

CVE.ORG link : CVE-2025-40605

JSON object : View

Products Affected

sonicwall

email_security_appliance_7050
email_security_appliance_5000_firmware
email_security_appliance_9000_firmware
email_security_appliance_7000_firmware
email_security_appliance_9000
email_security_appliance_7000
email_security_appliance_5000
email_security_appliance_5050_firmware
email_security_appliance_5050
email_security_appliance_7050_firmware

CWE

CWE-23

Relative Path Traversal

{"id": "CVE-2025-40605", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2025-11-20T15:17:28.917", "references": [{"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0018", "tags": ["Vendor Advisory"], "source": "PSIRT@sonicwall.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "PSIRT@sonicwall.com", "description": [{"lang": "en", "value": "CWE-23"}]}], "descriptions": [{"lang": "en", "value": "A Path Traversal vulnerability has been identified in the Email Security appliance allows an attacker to manipulate file system paths by injecting crafted directory-traversal sequences (such as ../) and may access files and directories outside the intended restricted path."}], "lastModified": "2025-12-12T15:43:42.043", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:sonicwall:email_security_appliance_5000_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7A1B8BFC-9721-491D-B803-1571D0702596", "versionEndIncluding": "10.0.33.8195"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:sonicwall:email_security_appliance_5000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BA9126B7-5C64-4692-954C-6EF71261862C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:sonicwall:email_security_appliance_5050_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8E47DFE3-0731-4E63-99B4-14EBE778BB92", "versionEndIncluding": "10.0.33.8195"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:sonicwall:email_security_appliance_5050:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "271F06DD-8DAA-46EF-A803-659EA253CC63"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:sonicwall:email_security_appliance_7000_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "24C2A297-95A8-48ED-BACC-81E8B7E85681", "versionEndIncluding": "10.0.33.8195"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:sonicwall:email_security_appliance_7000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A114E829-5FC6-4321-8D28-C63EC09F9099"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:sonicwall:email_security_appliance_7050_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5CD71CC1-27B3-4782-85A7-6D6F17C20A5E", "versionEndIncluding": "10.0.33.8195"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:sonicwall:email_security_appliance_7050:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "443B635B-6B08-479B-A635-26724B192BF0"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:sonicwall:email_security_appliance_9000_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C95DDA2E-E2DC-4F98-9901-0A10E7D0A168", "versionEndIncluding": "10.0.33.8195"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:sonicwall:email_security_appliance_9000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C2434930-79AB-4AA9-AAC8-B116F3CD5CC0"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "PSIRT@sonicwall.com"}