3 matches found
CVE-2025-34047 Leadsec VPN Path Traversal Arbitrary File Read
A path traversal vulnerability exists in the Leadsec SSL VPN formerly Lenovo NetGuard, allowing unauthenticated attackers to read arbitrary files on the underlying system via the ostype parameter in the /vpn/user/download/client endpoint. This flaw arises from insufficient input sanitation,...
CVE-2025-34047
CVE-2025-34047 is a path traversal vulnerability in Leadsec SSL VPN (formerly Lenovo NetGuard) that allows unauthenticated attackers to read arbitrary files through the ostype parameter in the /vpn/user/download/client endpoint. Root cause: insufficient input sanitization enabling traversal seque...
VulnCheck KEV: CVE-2025-34047
A path traversal vulnerability exists in the Leadsec SSL VPN formerly Lenovo NetGuard, allowing unauthenticated attackers to read arbitrary files on the underlying system via the ostype parameter in the /vpn/user/download/client endpoint. This flaw arises from insufficient input sanitation,...