CVE-2025-23007 - AskarLabs CVE Database

CVE-2025-23007

Vendor Sonicwall

Product NetExtender

Weakness CWE-269

Published January 30, 2025

Last update April 17, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A vulnerability in the NetExtender Windows client log export function allows unauthorized access to sensitive Windows system files, potentially leading to privilege escalation.

Key dates

02Disclosure timeline

January 30, 2025 CVE published

April 17, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-23007 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/269.html

Related vulnerabilities

04Related CVE

CVE-2020-13509 CVE-2026-40291 Chamilo LMS has Privilege Escalation via API User Role Modification CVE-2025-2238 Vikinger <= 1.9.30 - Authenticated (Subscriber+) Privilege Escalation via 'vikinger_user_meta_update_ajax' CVE-2025-57840 Privilege Bypass in ADB CVE-2026-26369 JUNG eNet SMART HOME server 2.2.1/2.3.1 Privilege Escalation via setUserGroup