Vulnerability Description
A Path Traversal vulnerability has been identified in the Email Security appliance that allows an attacker to manipulate file system paths by injecting crafted directory-traversal sequences (such as ../), which may give access to files and directories outside the intended restricted path.
CVSS Score
5.3 (MEDIUM)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sonicwall | Email Security Appliance 5000 Firmware | <= 10.0.33.8195 |
| Sonicwall | Email Security Appliance 5000 | - |
| Sonicwall | Email Security Appliance 5050 Firmware | <= 10.0.33.8195 |
| Sonicwall | Email Security Appliance 5050 | - |
| Sonicwall | Email Security Appliance 7000 Firmware | <= 10.0.33.8195 |
| Sonicwall | Email Security Appliance 7000 | - |
| Sonicwall | Email Security Appliance 7050 Firmware | <= 10.0.33.8195 |
| Sonicwall | Email Security Appliance 7050 | - |
| Sonicwall | Email Security Appliance 9000 Firmware | <= 10.0.33.8195 |
| Sonicwall | Email Security Appliance 9000 | - |
Related Weaknesses (CWE)
References
FAQ
What is CVE-2025-40605?
CVE-2025-40605 is a vulnerability with a CVSS score of 5.3 (MEDIUM). A Path Traversal vulnerability has been identified in the Email Security appliance that allows an attacker to manipulate file system paths by injecting crafted directory-traversal sequences (such as ../) a...
How severe is CVE-2025-40605?
CVE-2025-40605 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2025-40605?
Check the references section above for vendor advisories and patch information. Affected products include: Sonicwall Email Security Appliance 5000 Firmware, Sonicwall Email Security Appliance 5000, Sonicwall Email Security Appliance 5050 Firmware, Sonicwall Email Security Appliance 5050, Sonicwall Email Security Appliance 7000 Firmware.