CVE-2025-34238 | Advantech WebAccess/VPN up to 1.1.4 path traversal

A vulnerability, which was classified as critical, was found in Advantech WebAccess and VPN up to 1.1.4. Impacted is the function AjaxStandaloneVpnClientsController.ajaxDownloadRoadWarriorConfigFileAction. Such manipulation leads to path traversal.

This vulnerability is traded as CVE-2025-34238. The attack may be launched remotely. There is no exploit available.

You should upgrade the affected component.VulDB Recent EntriesRead More