CVE-2025-34238: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Advantech WebAccess/VPN
Advantech WebAccess/VPN versions prior to 1.1.5 contain an absolute path traversal via AjaxStandaloneVpnClientsController.ajaxDownloadRoadWarriorConfigFileAction() that allows an authenticated network administrator to cause the application to read and return the contents of arbitrary files the web user (www-data) can access.
AI Analysis
Technical Summary
CVE-2025-34238 is a path traversal vulnerability classified under CWE-22 found in Advantech WebAccess/VPN versions prior to 1.1.5. The flaw exists in the AjaxStandaloneVpnClientsController.ajaxDownloadRoadWarriorConfigFileAction() method, which improperly limits pathname inputs, allowing an authenticated network administrator to manipulate the file path parameter. This manipulation enables the attacker to cause the application to read and return the contents of arbitrary files that the web server user (commonly 'www-data') can access. The vulnerability does not require user interaction and can be exploited remotely over the network, but it does require the attacker to have authenticated network administrator privileges. The CVSS v4.0 score is 6.9 (medium severity), reflecting the moderate impact on confidentiality due to potential unauthorized file disclosure, with no impact on integrity or availability. The vulnerability is significant because it can expose sensitive configuration files or credentials stored on the server, which could be leveraged for further attacks. No public exploit code or active exploitation has been reported yet. The vulnerability affects all versions prior to 1.1.5, and no official patch links are currently available, indicating that organizations must monitor vendor advisories closely for updates.
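The absolute-path case described above, as an added example that is not Advantech's code and not part of the original advisory: a Python sketch of a file-download path check, showing why joining a base directory with caller input is not containment and what a resolve-then-compare check rejects. The function names, the `client-configs` directory and the file names are constructed for illustration.

```python
import os
import tempfile
from pathlib import Path


class PathRejected(Exception):
    """The requested name does not resolve to a file inside the base directory."""


def naive_resolve(base_dir, requested):
    # Weak pattern: os.path.join() drops base_dir when `requested` is absolute,
    # so a filter that only looks for '../' has nothing to catch.
    return os.path.join(base_dir, requested)


def safe_resolve(base_dir, requested):
    base = Path(base_dir).resolve(strict=True)
    if not requested or "\x00" in requested:
        raise PathRejected("empty name or NUL byte")
    if os.path.isabs(requested):
        raise PathRejected("absolute path supplied")
    # Resolve '..' and symlinks first, then compare against the base directory.
    candidate = (base / requested).resolve()
    if base not in candidate.parents:
        raise PathRejected("resolves outside base directory")
    if not candidate.is_file():
        raise PathRejected("not a regular file")
    return candidate


def demo():
    """Run constructed requests against a throwaway directory tree."""
    with tempfile.TemporaryDirectory() as root:
        base = Path(root, "client-configs")  # hypothetical download directory
        base.mkdir()
        (base / "site-a.conf").write_text("constructed sample\n")
        secret = Path(root, "secret.txt")  # stands in for a file outside it
        secret.write_text("outside the base directory\n")
        os.symlink(secret, base / "link.conf")
        cases = [("plain", "site-a.conf"), ("absolute", str(secret)),
                 ("dotdot", "../secret.txt"), ("symlink", "link.conf")]
        results = {}
        for label, name in cases:
            try:
                safe_resolve(base, name)
                results[label] = "served"
            except PathRejected as exc:
                results[label] = "rejected: " + str(exc)
        naive_escapes = naive_resolve(str(base), str(secret)) == str(secret)
        return results, naive_escapes
```

Calling `demo()` returns the per-request verdicts and a flag confirming that the naive join hands back the outside path unchanged.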
Potential Impact
For European organizations, this vulnerability poses a risk of sensitive information disclosure, including VPN configuration files, credentials, or other critical data accessible by the web server user. As the attacker must have network administrator credentials, the threat is primarily from insider threats or compromised admin accounts. However, if exploited, attackers could gain insights into network configurations, potentially facilitating lateral movement or further compromise. Organizations in sectors with stringent data protection regulations, such as finance, healthcare, and critical infrastructure, could face compliance violations and reputational damage if sensitive data is leaked. The medium severity score reflects that while the vulnerability does not directly impact system availability or integrity, the confidentiality breach could have significant operational and regulatory consequences. European entities relying on Advantech WebAccess/VPN for secure remote access should consider this a priority vulnerability to address.
Mitigation Recommendations
1. Immediately upgrade Advantech WebAccess/VPN to version 1.1.5 or later once available to apply the official fix.
2. Until patches are released, restrict network administrator access to the VPN management interface using network segmentation, VPN access controls, and IP whitelisting to limit exposure.
3. Implement strict monitoring and logging of administrative actions on the VPN system to detect any unusual file access or suspicious activity.
4. Enforce strong authentication mechanisms for network administrators, including multi-factor authentication (MFA), to reduce the risk of credential compromise.
5. Regularly audit file permissions for the web server user to minimize access to sensitive files that could be disclosed via path traversal.
6. Conduct internal penetration testing focusing on path traversal and privilege escalation vectors to identify any additional weaknesses.
7. Educate administrators on the risks of credential sharing and phishing attacks that could lead to privilege abuse.
8. Maintain up-to-date backups of configuration files and critical data to enable recovery in case of compromise.
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Belgium, Poland, Sweden, Switzerland
Technical Details
- Data Version: 5.2
- Assigner Short Name: VulnCheck
- Date Reserved: 2025-04-15T19:15:22.575Z
- Cvss Version: 4.0
- State: PUBLISHED
Threat ID: 690cfc1ee0be39967232fe30
Added to database: 11/6/2025, 7:50:54 PM
Last enriched: 11/17/2025, 8:22:23 PM
Last updated: 12/26/2025, 7:56:02 AM