CVE-2025-34047
CVE-2025-34047 is a path traversal vulnerability in Leadsec SSL VPN (formerly Lenovo NetGuard) that allows unauthenticated attackers to read arbitrary files through the ostype parameter in the /vpn/user/download/client endpoint. Root cause: insufficient input sanitization enabling traversal seque...