CVEDB API - Fast Vulnerability Dashboard

Vulnerabilities

Vulnerable Software

Sonicwall: >> Email Security Appliance 9000 Firmware >> 10.0.9.6177 Security Vulnerabilities

CVE-2025-40604

Download of Code Without Integrity Check Vulnerability in the SonicWall Email Security appliance loads root filesystem images without verifying signatures, allowing attackers with VMDK or datastore access to modify system files and gain persistent arbitrary code execution.

CVSS Score

9.8

EPSS Score

0.0

Published

2025-11-20

CVE-2025-40605

A Path Traversal vulnerability has been identified in the Email Security appliance allows an attacker to manipulate file system paths by injecting crafted directory-traversal sequences (such as ../) and may access files and directories outside the intended restricted path.

CVSS Score

5.3

EPSS Score

0.0

Published

2025-11-20

Page 1

Products

Pricing

Contact Us

support@shodan.io

Shodan ® - All rights reserved