Path Traversal in Pnetlab

CVE-2025-40629

PNETLab 4.2.10 does not properly sanitize user inputs in its file access mechanisms. This allows attackers to perform directory traversal by manipulating file paths in HTTP requests. Specifically, the application is vulnerable to requests…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.008 (51.6th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

Public proof-of-concept exploits

References

Frequently asked questions

What is CVE-2025-40629?
CVE-2025-40629 is a vulnerability in Pnetlab, classified under Path Traversal. Published 2025-05-16.
Is CVE-2025-40629 known to be exploited?
1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.