QwikSec

Security Database

CVE

CWE

Training

CVE-2025-34047

Published: Jun 26, 2025

Modified: Dec 23, 2025

PUBLISHED

Description

A path traversal vulnerability exists in the Leadsec SSL VPN (formerly Lenovo NetGuard), allowing unauthenticated attackers to read arbitrary files on the underlying system via the ostype parameter in the /vpn/user/download/client endpoint. This flaw arises from insufficient input sanitation, enabling traversal sequences to escape the intended directory and access sensitive files. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-05 UTC.

Vendor	Product	Versions
Beijing NetGuard Nebula Information Technology Co., Ltd.	Leadsec SSL VPN	affected `0`

Weaknesses (CWE)

References

https://www.cnvd.org.cn/flaw/show/CNVD-2021-64035

third-party-advisory

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cnvd/2021/CNVD-2021-64035.yaml

exploit

https://www.leadsec.com.cn/

product

https://vulncheck.com/advisories/leadsec-vpn-path-traversal-file-read

third-party-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.