QwikSec

Security Database

CVE

CWE

Training

CVE-2025-40605

Published: Nov 20, 2025

Modified: Nov 20, 2025

PUBLISHED

Description

A Path Traversal vulnerability has been identified in the Email Security appliance allows an attacker to manipulate file system paths by injecting crafted directory-traversal sequences (such as ../) and may access files and directories outside the intended restricted path.

Vendor	Product	Versions
SonicWall	Email Security	affected `10.0.33.8195 and earlier versions`

Weaknesses (CWE)

References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0018

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.