CVE-2025-40629

Vulnerability Description

PNETLab 4.2.10 does not properly sanitize user inputs in its file access mechanisms. This allows attackers to perform directory traversal by manipulating file paths in HTTP requests. Specifically, the application is vulnerable to requests that access sensitive files outside the intended directory.

Related Weaknesses (CWE)

CWE-22

References

https://www.incibe.es/en/incibe-cert/notices/aviso/path-traversal-vulnerability-

FAQ

What is CVE-2025-40629?

CVE-2025-40629 is a documented vulnerability. PNETLab 4.2.10 does not properly sanitize user inputs in its file access mechanisms. This allows attackers to perform directory traversal by manipulating file paths in HTTP requests. Specifically, the...

How severe is CVE-2025-40629?

CVSS scoring is not yet available for CVE-2025-40629. Check NVD for updates.

Is there a patch for CVE-2025-40629?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.