CVE-2025-32817

MEDIUM

SonicWall Connect Tunnel - Path Traversal

Title source: llm

Description

A Improper Link Resolution vulnerability (CWE-59) in the SonicWall Connect Tunnel Windows (32 and 64 bit) client, this results in unauthorized file overwrite, potentially leading to denial of service or file corruption.

References (1)

[Various Sources] https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0007

Scores

CVSS v3 6.1

EPSS 0.0008

EPSS Percentile 24.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-59

Status published

Products (1)

SonicWall/Connect Tunnel 12.4.3.283 and earlier versions

Published Apr 16, 2025

Tracked Since Feb 18, 2026