{"vulnerability": "CVE-2025-34047", "sightings": [{"uuid": "0c2499e0-0b91-42ba-86c2-a1ffeb292606", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34047", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lsmjza5epk2u", "content": "", "creation_timestamp": "2025-06-27T21:02:23.193452Z"}, {"uuid": "653844ec-8c7d-4f54-ad32-f582e21cfa0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34047", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsjytu4jk62p", "content": "", "creation_timestamp": "2025-06-26T20:49:46.627680Z"}, {"uuid": "31c14801-f675-4745-823e-6ef6b77978c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34047", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-18)", "content": "", "creation_timestamp": "2026-03-18T00:00:00.000000Z"}, {"uuid": "306926dd-b4da-47d3-8562-4179c4efffc4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34047", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-28)", "content": "", "creation_timestamp": "2026-03-28T00:00:00.000000Z"}, {"uuid": "ab769e6d-af9c-473f-b453-d25121149ab6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34047", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-12)", "content": "", "creation_timestamp": "2026-02-12T00:00:00.000000Z"}, {"uuid": "0612735e-5160-4114-8508-ce3626fa0a7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34047", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-04)", "content": "", "creation_timestamp": "2026-02-04T00:00:00.000000Z"}, {"uuid": "49ed822c-ebce-4557-b461-995dd63c9a8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34047", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-14)", "content": "", "creation_timestamp": "2026-04-14T00:00:00.000000Z"}, {"uuid": "d2f8b592-0433-439f-82fe-964a1558d76e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34047", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-05)", "content": "", "creation_timestamp": "2026-04-05T00:00:00.000000Z"}, {"uuid": "2c0d12bf-102b-425e-a0ff-41cabfe00806", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34047", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-29)", "content": "", "creation_timestamp": "2026-03-29T00:00:00.000000Z"}, {"uuid": "7d616436-2785-4126-affb-14f43114592b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34047", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-07)", "content": "", "creation_timestamp": "2026-04-07T00:00:00.000000Z"}, {"uuid": "5d04a79e-3668-4d19-a4b4-34127aaac7be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34047", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-15)", "content": "", "creation_timestamp": "2026-04-15T00:00:00.000000Z"}, {"uuid": "8b7a7a32-5f52-4642-b025-888d7b92f6a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34047", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19625", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-34047\n\ud83d\udd25 CVSS Score: 8.7 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A path traversal vulnerability exists in the Leadsec SSL VPN (formerly Lenovo NetGuard), allowing unauthenticated attackers to read arbitrary files on the underlying system via the ostype parameter in the /vpn/user/download/client endpoint. This flaw arises from insufficient input sanitation, enabling traversal sequences\u00a0to escape the intended directory and access sensitive files.\n\ud83d\udccf Published: 2025-06-26T16:10:37.548Z\n\ud83d\udccf Modified: 2025-06-26T16:10:37.548Z\n\ud83d\udd17 References:\n1. https://www.cnvd.org.cn/flaw/show/CNVD-2021-64035\n2. https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cnvd/2021/CNVD-2021-64035.yaml\n3. https://www.leadsec.com.cn/\n4. https://vulncheck.com/advisories/leadsec-vpn-path-traversal-file-read", "creation_timestamp": "2025-06-26T16:51:43.000000Z"}]}