{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T14:59:59.741","vulnerabilities":[{"cve":{"id":"CVE-2025-40605","sourceIdentifier":"PSIRT@sonicwall.com","published":"2025-11-20T15:17:28.917","lastModified":"2025-12-12T15:43:42.043","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A Path Traversal vulnerability has been identified in the Email Security appliance allows an attacker to manipulate file system paths by injecting crafted directory-traversal sequences (such as ../) and may access files and directories outside the intended restricted path."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}]},"weaknesses":[{"source":"PSIRT@sonicwall.com","type":"Secondary","description":[{"lang":"en","value":"CWE-23"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:sonicwall:email_security_appliance_5000_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"10.0.33.8195","matchCriteriaId":"7A1B8BFC-9721-491D-B803-1571D0702596"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:sonicwall:email_security_appliance_5000:-:*:*:*:*:*:*:*","matchCriteriaId":"BA9126B7-5C64-4692-954C-6EF71261862C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:sonicwall:email_security_appliance_5050_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"10.0.33.8195","matchCriteriaId":"8E47DFE3-0731-4E63-99B4-14EBE778BB92"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:sonicwall:email_security_appliance_5050:-:*:*:*:*:*:*:*","matchCriteriaId":"271F06DD-8DAA-46EF-A803-659EA253CC63"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:sonicwall:email_security_appliance_7000_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"10.0.33.8195","matchCriteriaId":"24C2A297-95A8-48ED-BACC-81E8B7E85681"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:sonicwall:email_security_appliance_7000:-:*:*:*:*:*:*:*","matchCriteriaId":"A114E829-5FC6-4321-8D28-C63EC09F9099"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:sonicwall:email_security_appliance_7050_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"10.0.33.8195","matchCriteriaId":"5CD71CC1-27B3-4782-85A7-6D6F17C20A5E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:sonicwall:email_security_appliance_7050:-:*:*:*:*:*:*:*","matchCriteriaId":"443B635B-6B08-479B-A635-26724B192BF0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:sonicwall:email_security_appliance_9000_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"10.0.33.8195","matchCriteriaId":"C95DDA2E-E2DC-4F98-9901-0A10E7D0A168"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:sonicwall:email_security_appliance_9000:-:*:*:*:*:*:*:*","matchCriteriaId":"C2434930-79AB-4AA9-AAC8-B116F3CD5CC0"}]}]}],"references":[{"url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0018","source":"PSIRT@sonicwall.com","tags":["Vendor Advisory"]}]}}]}