Email Security Appliance 7000 Firmware

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-40605 MEDIUM This Month

A Path Traversal vulnerability has been identified in the Email Security appliance allows an attacker to manipulate file system paths by injecting crafted directory-traversal sequences (such as ../). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Email Security Appliance 5000 Firmware Email Security Appliance 5050 Firmware Email Security Appliance 7000 Firmware Email Security Appliance 7050 Firmware +1
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2025-40604 CRITICAL This Week

Download of Code Without Integrity Check Vulnerability in the SonicWall Email Security appliance loads root filesystem images without verifying signatures, allowing attackers with VMDK or datastore. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Sonicwall Email Security Appliance 5000 Firmware Email Security Appliance 5050 Firmware Email Security Appliance 7000 Firmware +2
NVD
CVSS 3.1
9.8
EPSS
0.0%
CVE-2025-40605
EPSS 0% CVSS 5.3
MEDIUM This Month

A Path Traversal vulnerability has been identified in the Email Security appliance allows an attacker to manipulate file system paths by injecting crafted directory-traversal sequences (such as ../). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Email Security Appliance 5000 Firmware Email Security Appliance 5050 Firmware +3
NVD
CVE-2025-40604
EPSS 0% CVSS 9.8
CRITICAL This Week

Download of Code Without Integrity Check Vulnerability in the SonicWall Email Security appliance loads root filesystem images without verifying signatures, allowing attackers with VMDK or datastore. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Sonicwall Email Security Appliance 5000 Firmware +4
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy