{"uuid": "97740db9-8c1b-46ae-aff5-7e4207dfc79b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40629", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16687", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-40629\n\ud83d\udd25 CVSS Score: 8.7 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: PNETLab 4.2.10 does not properly sanitize user inputs in its file access mechanisms. This allows attackers to perform directory traversal by manipulating file paths in HTTP requests. Specifically, the application is vulnerable to requests that access sensitive files outside the intended directory.\n\ud83d\udccf Published: 2025-05-16T12:40:17.878Z\n\ud83d\udccf Modified: 2025-05-16T12:59:59.664Z\n\ud83d\udd17 References:\n1. https://www.incibe.es/en/incibe-cert/notices/aviso/path-traversal-vulnerability-pnetlab", "creation_timestamp": "2025-05-16T13:35:55.000000Z"}