CVE-2025-23010

Name of the Vulnerable Software and Affected Versions SonicWall NetExtender versions 10.3.1 and earlier

Description An Improper Link Resolution Before File Access ('Link Following') vulnerability in SonicWall NetExtender Windows (32 and 64 bit) client allows an attacker to manipulate file paths. This vulnerability may allow an attacker to upload arbitrary files.

Recommendations For versions 10.3.1 and earlier, update to a version later than 10.3.1 to resolve the issue. As a temporary workaround, consider restricting access to sensitive files and directories to minimize the risk of exploitation.