Description:
SonicWall released a security advisory to address multiple vulnerabilities in NetExtender. An attacker could exploit these vulnerabilities by sending specially crafted requests to an affected system.
Affected Systems:
- SonicWall NetExtender Windows versions prior to 10.3.1
For detailed information of the affected systems, please refer to the corresponding security advisories at vendor's website.
Impact:
Successful exploitation of the vulnerabilities could lead to elevation of privilege or information disclosure on the affected system.
Recommendation:
Patches for affected systems are now available. Administrators of affected systems should follow the recommendations provided by the vendor and take immediate actions to mitigate the risk.
More Information:
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0006
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-23008 (to CVE-2025-23010)
