CVE-2025-32817

Published: Apr 16, 2025Modified: Apr 17, 2025

6.1

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

Exploitability: 1.8 / Impact: 4.2

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

A Improper Link Resolution vulnerability (CWE-59) in the SonicWall Connect Tunnel Windows (32 and 64 bit) client, this results in unauthorized file overwrite, potentially leading to denial of service or file corruption.

Related CWEs

CWE-59

Improper Link Resolution Before File Access ('Link Following')

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

References (1)

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0007

Source: PSIRT@sonicwall.com

Timeline

No history available yet.