Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-58591

Summary
Assigner-SICK AG
Assigner Org ID-a6863dd2-93fc-443d-bef1-79f0b5020988
Published At-06 Oct, 2025 | 07:07
Updated At-13 May, 2026 | 11:53
Rejected At-
Credits

Path Traversal

A remote, unauthorized attacker can brute force folders and files and read them like private keys or configurations, making the application vulnerable for gathering sensitive information.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:SICK AG
Assigner Org ID:a6863dd2-93fc-443d-bef1-79f0b5020988
Published At:06 Oct, 2025 | 07:07
Updated At:13 May, 2026 | 11:53
Rejected At:
â–¼CVE Numbering Authority (CNA)
Path Traversal

A remote, unauthorized attacker can brute force folders and files and read them like private keys or configurations, making the application vulnerable for gathering sensitive information.

Affected Products
Vendor
SICK AGSICK AG
Product
Baggage Analytics
Default Status
affected
Versions
Affected
  • From 0 before 4.6.3 (custom)
Vendor
SICK AGSICK AG
Product
Tire Analytics
Default Status
affected
Versions
Affected
  • From 0 before 4.6.3 (custom)
Vendor
SICK AGSICK AG
Product
Package Analytics
Default Status
affected
Versions
Affected
  • From 0 before 4.6.3 (custom)
Vendor
SICK AGSICK AG
Product
Logistic Diagnostic Analytics
Default Status
affected
Versions
Affected
  • From 0 before 4.6.3 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-22CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Type: CWE
CWE ID: CWE-22
Description: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Metrics
VersionBase scoreBase severityVector
3.16.5MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

It is strongly recommended to update the product to version 4.6.3.

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://sick.com/psirt
x_SICK PSIRT Security Advisories
https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf
x_SICK Operating Guidelines
https://www.cisa.gov/resources-tools/resources/ics-recommended-practices
x_ICS-CERT recommended practices on Industrial Security
https://www.first.org/cvss/calculator/3.1
x_CVSS v3.1 Calculator
https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0010.json
x_The canonical URL.
https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0010.pdf
vendor-advisory
Hyperlink: https://sick.com/psirt
Resource:
x_SICK PSIRT Security Advisories
Hyperlink: https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf
Resource:
x_SICK Operating Guidelines
Hyperlink: https://www.cisa.gov/resources-tools/resources/ics-recommended-practices
Resource:
x_ICS-CERT recommended practices on Industrial Security
Hyperlink: https://www.first.org/cvss/calculator/3.1
Resource:
x_CVSS v3.1 Calculator
Hyperlink: https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0010.json
Resource:
x_The canonical URL.
Hyperlink: https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0010.pdf
Resource:
vendor-advisory
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:psirt@sick.de
Published At:06 Oct, 2025 | 07:15
Updated At:27 Jan, 2026 | 19:41

A remote, unauthorized attacker can brute force folders and files and read them like private keys or configurations, making the application vulnerable for gathering sensitive information.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.16.5MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Type: Secondary
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CPE Matches

SICK AG
sick
>>baggage_analytics>>*
cpe:2.3:a:sick:baggage_analytics:*:*:*:*:*:*:*:*
SICK AG
sick
>>logistic_diagnostic_analytics>>*
cpe:2.3:a:sick:logistic_diagnostic_analytics:*:*:*:*:*:*:*:*
SICK AG
sick
>>package_analytics>>*
cpe:2.3:a:sick:package_analytics:*:*:*:*:*:*:*:*
SICK AG
sick
>>tire_analytics>>*
cpe:2.3:a:sick:tire_analytics:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-22Secondarypsirt@sick.de
CWE ID: CWE-22
Type: Secondary
Source: psirt@sick.de
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://sick.com/psirtpsirt@sick.de
Vendor Advisory
https://www.cisa.gov/resources-tools/resources/ics-recommended-practicespsirt@sick.de
US Government Resource
https://www.first.org/cvss/calculator/3.1psirt@sick.de
Not Applicable
https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0010.jsonpsirt@sick.de
Vendor Advisory
https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0010.pdfpsirt@sick.de
Vendor Advisory
https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdfpsirt@sick.de
Product
Hyperlink: https://sick.com/psirt
Source: psirt@sick.de
Resource:
Vendor Advisory
Hyperlink: https://www.cisa.gov/resources-tools/resources/ics-recommended-practices
Source: psirt@sick.de
Resource:
US Government Resource
Hyperlink: https://www.first.org/cvss/calculator/3.1
Source: psirt@sick.de
Resource:
Not Applicable
Hyperlink: https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0010.json
Source: psirt@sick.de
Resource:
Vendor Advisory
Hyperlink: https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0010.pdf
Source: psirt@sick.de
Resource:
Vendor Advisory
Hyperlink: https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf
Source: psirt@sick.de
Resource:
Product

Change History

0
Information is not available yet

Similar CVEs

1679Records found

CVE-2025-58590
Matching Score-10
Assigner-SICK AG
ShareView Details
Matching Score-10
Assigner-SICK AG
CVSS Score-6.5||MEDIUM
EPSS-0.49% / 38.81%
||
7 Day CHG+0.01%
Published-06 Oct, 2025 | 07:06
Updated-27 Jan, 2026 | 19:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Path traversal

It's possible to brute force folders and files, what can be used by an attacker to steal sensitve information.

Action-Not Available
Vendor-SICK AG
Product-logistic_diagnostic_analyticspackage_analyticstire_analyticsbaggage_analyticsPackage AnalyticsTire AnalyticsLogistic Diagnostic AnalyticsBaggage Analytics
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2022-46833
Matching Score-8
Assigner-SICK AG
ShareView Details
Matching Score-8
Assigner-SICK AG
CVSS Score-6.5||MEDIUM
EPSS-0.31% / 23.02%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-22 Apr, 2025 | 15:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use of a Broken or Risky Cryptographic Algorithm in SICK RFU63x firmware version < v2.21 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites to be used for encryption via the SSH interface. The patch and installation procedure for the firmware update is available from the responsible SICK customer contact person.

Action-Not Available
Vendor-n/aSICK AG
Product-rfu630-13110rfu630-13102rfu630-04102rfu630-13110_firmwarerfu630-04102_firmwarerfu630-04117rfu630-04100_firmwarerfu630-13105rfu630-04109rfu630-13106_firmwarerfu630-04101rfu630-04106rfu630-13100s01rfu630-13107_firmwarerfu630-04106_firmwarerfu630-13101rfu630-04103_firmwarerfu630-13100s01_firmwarerfu630-04104rfu630-13107rfu630-04104_firmwarerfu630-13108_firmwarerfu630-13108rfu630-13115_firmwarerfu630-13114_firmwarerfu630-13103_firmwarerfu630-13105_firmwarerfu630-13104rfu630-13102_firmwarerfu630-13103rfu630-04109_firmwarerfu630-04103rfu630-04105_firmwarerfu630-04101_firmwarerfu630-13113_firmwarerfu630-13114rfu630-04100s01_firmwarerfu630-13113rfu630-13115rfu630-13101_firmwarerfu630-04105rfu630-04117_firmwarerfu630-13111rfu630-04100rfu630-13104_firmwarerfu630-13111_firmwarerfu630-04100s01rfu630-13106SICK RFU63x Firmware
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2022-46832
Matching Score-8
Assigner-SICK AG
ShareView Details
Matching Score-8
Assigner-SICK AG
CVSS Score-6.5||MEDIUM
EPSS-0.31% / 23.02%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-21 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use of a Broken or Risky Cryptographic Algorithm in SICK RFU62x firmware version < 2.21 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites to be used for encryption via the SSH interface. The patch and installation procedure for the firmware update is available from the responsible SICK customer contact person.

Action-Not Available
Vendor-n/aSICK AG
Product-rfu620-10508rfu620-10111rfu620-10114_firmwarerfu620-10500_firmwarerfu620-10504_firmwarerfu620-10501rfu620-10510rfu620-10101rfu620-10504rfu620-10514_firmwarerfu620-10100_firmwarerfu620-10508_firmwarerfu620-10101_firmwarerfu620-10111_firmwarerfu620-10102_firmwarerfu620-10104rfu620-10501_firmwarerfu620-10503rfu620-10118_firmwarerfu620-10401rfu620-10507rfu620-10100rfu620-10107rfu620-10108rfu620-10400_firmwarerfu620-10507_firmwarerfu620-10400rfu620-10510_firmwarerfu620-10514rfu620-10103_firmwarerfu620-10102rfu620-10503_firmwarerfu620-10108_firmwarerfu620-10500rfu620-10103rfu620-10105_firmwarerfu620-10105rfu620-10114rfu620-10401_firmwarerfu620-10107_firmwarerfu620-10118rfu620-10104_firmwareSICK RFU62x Firmware
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2022-27581
Matching Score-8
Assigner-SICK AG
ShareView Details
Matching Score-8
Assigner-SICK AG
CVSS Score-6.5||MEDIUM
EPSS-0.31% / 23.02%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-22 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use of a Broken or Risky Cryptographic Algorithm in SICK RFU61x firmware version <v2.25 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites to be used for encryption via the SSH interface. The patch and installation procedure for the firmware update is available from the responsible SICK customer contact person.

Action-Not Available
Vendor-n/aSICK AG
Product-rfu610-10613_firmwarerfu610-10600rfu610-10610_firmwarerfu610-10613rfu610-10605rfu610-10605_firmwarerfu610-10607_firmwarerfu610-10618_firmwarerfu610-10607rfu610-10603rfu610-10601rfu610-10609_firmwarerfu610-10618rfu610-10600_firmwarerfu610-10614rfu610-10614_firmwarerfu610-10603_firmwarerfu610-10604_firmwarerfu610-10604rfu610-10601_firmwarerfu610-10610rfu610-10609rfu610-10700_firmwarerfu610-10700SICK RFU61x Firmware
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2023-43699
Matching Score-8
Assigner-SICK AG
ShareView Details
Matching Score-8
Assigner-SICK AG
CVSS Score-7.5||HIGH
EPSS-0.72% / 49.39%
||
7 Day CHG~0.00%
Published-09 Oct, 2023 | 11:59
Updated-09 Dec, 2024 | 13:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper Restriction of Excessive Authentication Attempts in RDT400 in SICK APU allows an unprivileged remote attacker to guess the password via trial-and-error as the login attempts are not limited.

Action-Not Available
Vendor-SICK AG
Product-apu0200apu0200_firmwareAPU0200apu0200
CWE ID-CWE-307
Improper Restriction of Excessive Authentication Attempts
CVE-2025-27594
Matching Score-8
Assigner-SICK AG
ShareView Details
Matching Score-8
Assigner-SICK AG
CVSS Score-7.5||HIGH
EPSS-0.43% / 34.85%
||
7 Day CHG~0.00%
Published-14 Mar, 2025 | 12:50
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unencrypted transmission of password hash

The device uses an unencrypted, proprietary protocol for communication. Through this protocol, configuration data is transmitted and device authentication is performed. An attacker can thereby intercept the authentication hash and use it to log into the device using a pass-the-hash attack.

Action-Not Available
Vendor-SICK AG
Product-SICK DL100-2xxxxxxx
CWE ID-CWE-319
Cleartext Transmission of Sensitive Information
CVE-2025-49184
Matching Score-8
Assigner-SICK AG
ShareView Details
Matching Score-8
Assigner-SICK AG
CVSS Score-7.5||HIGH
EPSS-0.41% / 33.07%
||
7 Day CHG~0.00%
Published-12 Jun, 2025 | 13:24
Updated-29 Jan, 2026 | 17:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Information disclosure to unauthorized user

A remote unauthorized attacker may gather sensitive information of the application, due to missing authorization of configuration settings of the product.

Action-Not Available
Vendor-SICK AG
Product-logistic_diagnostic_analyticstire_analyticsbaggage_analyticspackage_analyticsenterprise_analyticsfield_analyticsEnterprise AnalyticsLogistic Diagnostic AnalyticsPackage AnalyticsBaggage AnalyticsTire AnalyticsField Analytics
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2026-22646
Matching Score-8
Assigner-SICK AG
ShareView Details
Matching Score-8
Assigner-SICK AG
CVSS Score-4.3||MEDIUM
EPSS-0.37% / 29.08%
||
7 Day CHG~0.00%
Published-15 Jan, 2026 | 13:15
Updated-29 Jan, 2026 | 16:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain error messages returned by the application expose internal system details that should not be visible to end users, providing attackers with valuable reconnaissance information (like file paths, database errors, or software versions) that can be used to map the application's internal structure and discover other, more critical vulnerabilities.

Action-Not Available
Vendor-SICK AG
Product-incoming_goods_suiteIncoming Goods Suite
CWE ID-CWE-209
Generation of Error Message Containing Sensitive Information
CVE-2023-35697
Matching Score-8
Assigner-SICK AG
ShareView Details
Matching Score-8
Assigner-SICK AG
CVSS Score-5.3||MEDIUM
EPSS-0.65% / 46.68%
||
7 Day CHG~0.00%
Published-10 Jul, 2023 | 09:35
Updated-01 Jun, 2026 | 13:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper Restriction of Excessive Authentication Attempts in the SICK ICR890-4 could allow a remote attacker to brute-force user credentials.

Action-Not Available
Vendor-SICK AG
Product-icr890-4_firmwareicr890-4ICR890-4icr890-4
CWE ID-CWE-307
Improper Restriction of Excessive Authentication Attempts
CVE-2023-35696
Matching Score-8
Assigner-SICK AG
ShareView Details
Matching Score-8
Assigner-SICK AG
CVSS Score-7.5||HIGH
EPSS-0.69% / 48.16%
||
7 Day CHG~0.00%
Published-10 Jul, 2023 | 09:32
Updated-01 Jun, 2026 | 13:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unauthenticated endpoints in the SICK ICR890-4 could allow an unauthenticated remote attacker to retrieve sensitive information about the device via HTTP requests.

Action-Not Available
Vendor-SICK AG
Product-icr890-4_firmwareicr890-4ICR890-4icr890-4
CWE ID-CWE-668
Exposure of Resource to Wrong Sphere
CVE-2023-3270
Matching Score-8
Assigner-SICK AG
ShareView Details
Matching Score-8
Assigner-SICK AG
CVSS Score-8.6||HIGH
EPSS-0.72% / 49.32%
||
7 Day CHG~0.00%
Published-10 Jul, 2023 | 09:18
Updated-01 Jun, 2026 | 12:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Exposure of Sensitive Information to an Unauthorized Actor in the SICK ICR890-4 could allow an unauthenticated remote attacker to retrieve sensitive information about the system.

Action-Not Available
Vendor-SICK AG
Product-icr890-4icr890-4_firmwareICR890-4icr890-4
CWE ID-CWE-668
Exposure of Resource to Wrong Sphere
CVE-2023-3271
Matching Score-8
Assigner-SICK AG
ShareView Details
Matching Score-8
Assigner-SICK AG
CVSS Score-8.2||HIGH
EPSS-0.67% / 47.54%
||
7 Day CHG~0.00%
Published-10 Jul, 2023 | 09:26
Updated-01 Jun, 2026 | 13:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper Access Control in the SICK ICR890-4 could allow an unauthenticated remote attacker to gather information about the system and download data via the REST API by accessing unauthenticated endpoints.

Action-Not Available
Vendor-SICK AG
Product-icr890-4_firmwareicr890-4ICR890-4icr890-4
CWE ID-CWE-284
Improper Access Control
CVE-2023-3272
Matching Score-8
Assigner-SICK AG
ShareView Details
Matching Score-8
Assigner-SICK AG
CVSS Score-7.5||HIGH
EPSS-0.44% / 35.39%
||
7 Day CHG~0.00%
Published-10 Jul, 2023 | 09:27
Updated-01 Jun, 2026 | 13:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cleartext Transmission of Sensitive Information in the SICK ICR890-4 could allow a remote attacker to gather sensitive information by intercepting network traffic that is not encrypted.

Action-Not Available
Vendor-SICK AG
Product-icr890-4_firmwareicr890-4ICR890-4icr890-4
CWE ID-CWE-319
Cleartext Transmission of Sensitive Information
CVE-2023-31408
Matching Score-8
Assigner-SICK AG
ShareView Details
Matching Score-8
Assigner-SICK AG
CVSS Score-5.3||MEDIUM
EPSS-0.42% / 34.17%
||
7 Day CHG~0.00%
Published-15 May, 2023 | 10:55
Updated-01 Jun, 2026 | 09:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cleartext Storage of Sensitive Information in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows a remote attacker to potentially steal user credentials that are stored in the user’s browsers local storage via cross-site-scripting attacks.

Action-Not Available
Vendor-SICK AG
Product-ftmg-esd25axx_firmwareftmg-esr40sxx_firmwareftmg-esr50sxxftmg-esd15axx_firmwareftmg-esd20axx_firmwareftmg-esn50sxxftmg-esr40sxxftmg-esd25axxftmg-esr50sxx_firmwareftmg-esn50sxx_firmwareftmg-esn40sxx_firmwareftmg-esd20axxftmg-esn40sxxftmg-esd15axxSICK FTMG-ESD15AXX AIR FLOW SENSORSICK FTMG-ESR50SXX AIR FLOW SENSORSICK FTMG-ESR40SXX AIR FLOW SENSORSICK FTMG-ESN40SXX AIR FLOW SENSORSICK FTMG-ESD25AXX AIR FLOW SENSORSICK FTMG-ESD20AXX AIR FLOW SENSORSICK FTMG-ESN50SXX AIR FLOW SENSOR
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2023-31412
Matching Score-8
Assigner-SICK AG
ShareView Details
Matching Score-8
Assigner-SICK AG
CVSS Score-7.5||HIGH
EPSS-0.34% / 26.39%
||
7 Day CHG~0.00%
Published-24 Aug, 2023 | 18:15
Updated-01 Jun, 2026 | 07:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The LMS5xx uses weak hash generation methods, resulting in the creation of insecure hashs. If an attacker manages to retrieve the hash, it could lead to collision attacks and the potential retrieval of the password.

Action-Not Available
Vendor-SICK AG
Product-lms511_firmwarelms511lms500lms500_firmwarelms531_firmwarelms531LMS5xxlms5xx
CWE ID-CWE-916
Use of Password Hash With Insufficient Computational Effort
CVE-2023-23446
Matching Score-8
Assigner-SICK AG
ShareView Details
Matching Score-8
Assigner-SICK AG
CVSS Score-7.5||HIGH
EPSS-0.89% / 55.00%
||
7 Day CHG~0.00%
Published-15 May, 2023 | 10:52
Updated-01 Jun, 2026 | 13:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper Access Control in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to download files by using a therefore unpriviledged account via the REST interface.

Action-Not Available
Vendor-SICK AG
Product-ftmg-esd25axx_firmwareftmg-esr40sxx_firmwareftmg-esr50sxxftmg-esd15axx_firmwareftmg-esd20axx_firmwareftmg-esn50sxxftmg-esr40sxxftmg-esd25axxftmg-esr50sxx_firmwareftmg-esn50sxx_firmwareftmg-esn40sxx_firmwareftmg-esd20axxftmg-esn40sxxftmg-esd15axxSICK FTMG-ESD15AXX AIR FLOW SENSORSICK FTMG-ESR50SXX AIR FLOW SENSORSICK FTMG-ESR40SXX AIR FLOW SENSORSICK FTMG-ESN40SXX AIR FLOW SENSORSICK FTMG-ESD25AXX AIR FLOW SENSORSICK FTMG-ESD20AXX AIR FLOW SENSORSICK FTMG-ESN50SXX AIR FLOW SENSOR
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-863
Incorrect Authorization
CVE-2023-23445
Matching Score-8
Assigner-SICK AG
ShareView Details
Matching Score-8
Assigner-SICK AG
CVSS Score-7.5||HIGH
EPSS-0.66% / 47.03%
||
7 Day CHG~0.00%
Published-15 May, 2023 | 10:51
Updated-01 Jun, 2026 | 13:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper Access Control in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to gain unauthorized access to data fields by using a therefore unpriviledged account via the REST interface.

Action-Not Available
Vendor-SICK AG
Product-ftmg-esd25axx_firmwareftmg-esr40sxx_firmwareftmg-esr50sxxftmg-esd15axx_firmwareftmg-esd20axx_firmwareftmg-esn50sxxftmg-esr40sxxftmg-esd25axxftmg-esr50sxx_firmwareftmg-esn50sxx_firmwareftmg-esn40sxx_firmwareftmg-esd20axxftmg-esn40sxxftmg-esd15axxSICK FTMG-ESD15AXX AIR FLOW SENSORSICK FTMG-ESR50SXX AIR FLOW SENSORSICK FTMG-ESR40SXX AIR FLOW SENSORSICK FTMG-ESN40SXX AIR FLOW SENSORSICK FTMG-ESD25AXX AIR FLOW SENSORSICK FTMG-ESD20AXX AIR FLOW SENSORSICK FTMG-ESN50SXX AIR FLOW SENSOR
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-863
Incorrect Authorization
CVE-2020-2078
Matching Score-8
Assigner-SICK AG
ShareView Details
Matching Score-8
Assigner-SICK AG
CVSS Score-6.5||MEDIUM
EPSS-0.75% / 50.52%
||
7 Day CHG~0.00%
Published-29 Jul, 2020 | 13:19
Updated-04 Aug, 2024 | 06:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Passwords are stored in plain text within the configuration of SICK Package Analytics software up to and including V04.1.1. An authorized attacker could access these stored plaintext credentials and gain access to the ftp service. Storing a password in plaintext allows attackers to easily gain access to systems, potentially compromising personal information or other sensitive information.

Action-Not Available
Vendor-n/aSICK AG
Product-package_analyticsSICK Package Analytics
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2020-2077
Matching Score-8
Assigner-SICK AG
ShareView Details
Matching Score-8
Assigner-SICK AG
CVSS Score-7.5||HIGH
EPSS-1.01% / 59.04%
||
7 Day CHG~0.00%
Published-29 Jul, 2020 | 13:18
Updated-04 Aug, 2024 | 06:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SICK Package Analytics software up to and including version V04.0.0 are vulnerable due to incorrect default permissions settings. An unauthorized attacker could read sensitive data from the system by querying for known files using the REST API directly.

Action-Not Available
Vendor-n/aSICK AG
Product-package_analyticsSICK Package Analytics
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2022-46834
Matching Score-8
Assigner-SICK AG
ShareView Details
Matching Score-8
Assigner-SICK AG
CVSS Score-6.5||MEDIUM
EPSS-0.31% / 23.02%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-22 Apr, 2025 | 15:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use of a Broken or Risky Cryptographic Algorithm in SICK RFU65x firmware version < v2.21 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites to be used for encryption via the SSH interface. The patch and installation procedure for the firmware update is available from the responsible SICK customer contact person.

Action-Not Available
Vendor-n/aSICK AG
Product-rfu650-10105_firmwarerfu650-10100_firmwarerfu650-10102_firmwarerfu650-10103rfu650-10104rfu650-10105rfu650-10106_firmwarerfu650-10106rfu650-10102rfu650-10101_firmwarerfu650-10103_firmwarerfu650-10104_firmwarerfu650-10100rfu650-10101SICK RFU65x Firmware
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2025-58585
Matching Score-8
Assigner-SICK AG
ShareView Details
Matching Score-8
Assigner-SICK AG
CVSS Score-5.3||MEDIUM
EPSS-0.40% / 31.98%
||
7 Day CHG-0.00%
Published-06 Oct, 2025 | 07:01
Updated-13 May, 2026 | 11:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Sensitive Information Disclosure Through Missing Authentication

Multiple endpoints with sensitive information do not require authentication, making the application susceptible to information gathering.

Action-Not Available
Vendor-SICK AG
Product-logistic_diagnostic_analyticspackage_analyticstire_analyticsbaggage_analyticsBaggage AnalyticsLogistic Diagnostic AnalyticsTire AnalyticsPackage Analytics
CWE ID-CWE-497
Exposure of Sensitive System Information to an Unauthorized Control Sphere
CVE-2026-22915
Matching Score-8
Assigner-SICK AG
ShareView Details
Matching Score-8
Assigner-SICK AG
CVSS Score-4.3||MEDIUM
EPSS-0.38% / 29.53%
||
7 Day CHG~0.00%
Published-15 Jan, 2026 | 13:06
Updated-23 Jan, 2026 | 15:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An attacker with low privileges may be able to read files from specific directories on the device, potentially exposing sensitive information.

Action-Not Available
Vendor-SICK AG
Product-tdc-x401gltdc-x401gl_firmwareTDC-X401GL
CWE ID-CWE-497
Exposure of Sensitive System Information to an Unauthorized Control Sphere
CVE-2026-22911
Matching Score-8
Assigner-SICK AG
ShareView Details
Matching Score-8
Assigner-SICK AG
CVSS Score-5.3||MEDIUM
EPSS-0.48% / 37.90%
||
7 Day CHG~0.00%
Published-15 Jan, 2026 | 13:02
Updated-23 Jan, 2026 | 15:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Firmware update files may expose password hashes for system accounts, which could allow a remote attacker to recover credentials and gain unauthorized access to the device.

Action-Not Available
Vendor-SICK AG
Product-tdc-x401gltdc-x401gl_firmwareTDC-X401GL
CWE ID-CWE-522
Insufficiently Protected Credentials
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2026-22910
Matching Score-8
Assigner-SICK AG
ShareView Details
Matching Score-8
Assigner-SICK AG
CVSS Score-7.5||HIGH
EPSS-0.44% / 35.04%
||
7 Day CHG~0.00%
Published-15 Jan, 2026 | 13:02
Updated-23 Jan, 2026 | 15:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The device is deployed with weak and publicly known default passwords for certain hidden user levels, increasing the risk of unauthorized access. This represents a high risk to the integrity of the system.

Action-Not Available
Vendor-SICK AG
Product-tdc-x401gltdc-x401gl_firmwareTDC-X401GL
CWE ID-CWE-1391
Use of Weak Credentials
CVE-2026-22644
Matching Score-8
Assigner-SICK AG
ShareView Details
Matching Score-8
Assigner-SICK AG
CVSS Score-5.3||MEDIUM
EPSS-0.48% / 37.80%
||
7 Day CHG~0.00%
Published-15 Jan, 2026 | 13:14
Updated-29 Jan, 2026 | 17:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain requests pass the authentication token in the URL as string query parameter, making it vulnerable to theft through server logs, proxy logs and Referer headers, which could allow an attacker to hijack the user's session and gain unauthorized access.

Action-Not Available
Vendor-SICK AG
Product-incoming_goods_suiteIncoming Goods Suite
CWE ID-CWE-598
Use of GET Request Method With Sensitive Query Strings
CVE-2025-9914
Matching Score-8
Assigner-SICK AG
ShareView Details
Matching Score-8
Assigner-SICK AG
CVSS Score-4.3||MEDIUM
EPSS-0.30% / 21.77%
||
7 Day CHG+0.01%
Published-06 Oct, 2025 | 06:45
Updated-13 May, 2026 | 11:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The credentials of the users stored in the system's local database can be used for the log in, making it possible for an attacker to gain unauthorized access. This could potentially affect the confidentiality of the application.

Action-Not Available
Vendor-SICK AG
Product-logistic_diagnostic_analyticstire_analyticsbaggage_analyticspackage_analyticsBaggage AnalyticsLogistic Diagnostic AnalyticsTire AnalyticsPackage Analytics
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CVE-2025-49198
Matching Score-8
Assigner-SICK AG
ShareView Details
Matching Score-8
Assigner-SICK AG
CVSS Score-3.1||LOW
EPSS-0.32% / 23.63%
||
7 Day CHG~0.00%
Published-12 Jun, 2025 | 14:24
Updated-26 Jan, 2026 | 19:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Poor quality of randomness in authorization tokens

The Media Server’s authorization tokens have a poor quality of randomness. An attacker may be able to guess the token of an active user by computing plausible tokens.

Action-Not Available
Vendor-SICK AG
Product-media_serverSICK Media Server
CWE ID-CWE-330
Use of Insufficiently Random Values
CVE-2025-59460
Matching Score-8
Assigner-SICK AG
ShareView Details
Matching Score-8
Assigner-SICK AG
CVSS Score-7.5||HIGH
EPSS-0.39% / 31.39%
||
7 Day CHG~0.00%
Published-27 Oct, 2025 | 10:10
Updated-03 Nov, 2025 | 19:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unsecure access configuration

The system is deployed in its default state, with configuration settings that do not comply with the latest best practices for restricting access. This increases the risk of unauthorised connections.

Action-Not Available
Vendor-SICK AG
Product-tloc100-100tloc100-100_firmwareTLOC100-100 with Firmware >=7.1.1TLOC100-100 with Firmware <7.1.1
CWE ID-CWE-1391
Use of Weak Credentials
CVE-2025-58589
Matching Score-8
Assigner-SICK AG
ShareView Details
Matching Score-8
Assigner-SICK AG
CVSS Score-2.7||LOW
EPSS-0.34% / 25.62%
||
7 Day CHG+0.01%
Published-06 Oct, 2025 | 07:03
Updated-13 May, 2026 | 11:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Information Disclosure Through Stacktrace

When an error occurs in the application a full stacktrace is provided to the user. The stacktrace lists class and method names as well as other internal information. An attacker thus receives information about the technology used and the structure of the application.

Action-Not Available
Vendor-SICK AG
Product-logistic_diagnostic_analyticspackage_analyticstire_analyticsbaggage_analyticsBaggage AnalyticsLogistic Diagnostic AnalyticsTire AnalyticsPackage Analytics
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2025-58584
Matching Score-8
Assigner-SICK AG
ShareView Details
Matching Score-8
Assigner-SICK AG
CVSS Score-5.3||MEDIUM
EPSS-0.36% / 28.35%
||
7 Day CHG+0.01%
Published-06 Oct, 2025 | 07:01
Updated-13 May, 2026 | 11:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Plain Text Transmission of Username and Password in the URL

In the HTTP request, the username and password are transferred directly in the URL as parameters. However, URLs can be stored in various systems such as server logs, browser histories or proxy servers. As a result, there is a high risk that this sensitive data will be disclosed unintentionally.

Action-Not Available
Vendor-SICK AG
Product-package_analyticsbaggage_analyticstire_analyticsenterprise_analyticslogistic_diagnostic_analyticsLogistic Diagnostic AnalyticsTire AnalyticsPackage AnalyticsBaggage AnalyticsEnterprise Analytics
CWE ID-CWE-598
Use of GET Request Method With Sensitive Query Strings
CVE-2025-49197
Matching Score-8
Assigner-SICK AG
ShareView Details
Matching Score-8
Assigner-SICK AG
CVSS Score-6.5||MEDIUM
EPSS-0.25% / 16.50%
||
7 Day CHG+0.01%
Published-12 Jun, 2025 | 14:23
Updated-26 Jan, 2026 | 19:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Deprecated TLS version supported

The application uses a weak password hash function, allowing an attacker to crack the weak password hash to gain access to an FTP user account.

Action-Not Available
Vendor-SICK AG
Product-media_serverSICK Media Server
CWE ID-CWE-328
Use of Weak Hash
CVE-2025-49194
Matching Score-8
Assigner-SICK AG
ShareView Details
Matching Score-8
Assigner-SICK AG
CVSS Score-7.5||HIGH
EPSS-0.27% / 19.29%
||
7 Day CHG~0.00%
Published-12 Jun, 2025 | 14:17
Updated-26 Jan, 2026 | 19:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unencrypted communication

The server supports authentication methods in which credentials are sent in plaintext over unencrypted channels. If an attacker were to intercept traffic between a client and this server, the credentials would be exposed.

Action-Not Available
Vendor-SICK AG
Product-media_serverSICK Media Server
CWE ID-CWE-319
Cleartext Transmission of Sensitive Information
CVE-2025-49188
Matching Score-8
Assigner-SICK AG
ShareView Details
Matching Score-8
Assigner-SICK AG
CVSS Score-5.3||MEDIUM
EPSS-0.37% / 28.71%
||
7 Day CHG~0.00%
Published-12 Jun, 2025 | 14:02
Updated-29 Jan, 2026 | 17:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Sensitive Data in URL

The application sends user credentials as URL parameters instead of POST bodies, making it vulnerable to information gathering.

Action-Not Available
Vendor-SICK AG
Product-field_analyticsSICK Field Analytics
CWE ID-CWE-598
Use of GET Request Method With Sensitive Query Strings
CVE-2025-49200
Matching Score-8
Assigner-SICK AG
ShareView Details
Matching Score-8
Assigner-SICK AG
CVSS Score-6.5||MEDIUM
EPSS-0.39% / 30.82%
||
7 Day CHG+0.01%
Published-12 Jun, 2025 | 14:27
Updated-26 Jan, 2026 | 19:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unencrypted backup contains sensitive information

The created backup files are unencrypted, making the application vulnerable for gathering sensitive information by downloading and decompressing the backup files.

Action-Not Available
Vendor-SICK AG
Product-field_analyticsSICK Field Analytics
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2025-49182
Matching Score-8
Assigner-SICK AG
ShareView Details
Matching Score-8
Assigner-SICK AG
CVSS Score-7.5||HIGH
EPSS-0.47% / 37.07%
||
7 Day CHG~0.00%
Published-12 Jun, 2025 | 13:15
Updated-29 Jan, 2026 | 17:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Credential disclosure

Files in the source code contain login credentials for the admin user and the property configuration password, allowing an attacker to get full access to the application.

Action-Not Available
Vendor-SICK AG
Product-media_serverSICK Media Server
CWE ID-CWE-540
Inclusion of Sensitive Information in Source Code
CVE-2025-49183
Matching Score-8
Assigner-SICK AG
ShareView Details
Matching Score-8
Assigner-SICK AG
CVSS Score-7.5||HIGH
EPSS-0.26% / 17.47%
||
7 Day CHG~0.00%
Published-12 Jun, 2025 | 13:21
Updated-29 Jan, 2026 | 17:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unencrypted communication (HTTP)

All communication with the REST API is unencrypted (HTTP), allowing an attacker to intercept traffic between an actor and the webserver. This leads to the possibility of information gathering and downloading media files.

Action-Not Available
Vendor-SICK AG
Product-media_serverSICK Media Server
CWE ID-CWE-319
Cleartext Transmission of Sensitive Information
CVE-2021-32498
Matching Score-6
Assigner-SICK AG
ShareView Details
Matching Score-6
Assigner-SICK AG
CVSS Score-8.6||HIGH
EPSS-0.94% / 56.67%
||
7 Day CHG~0.00%
Published-17 Dec, 2021 | 16:10
Updated-03 Aug, 2024 | 23:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SICK SOPAS ET before version 4.8.0 allows attackers to manipulate the pathname of the emulator and use path traversal to run an arbitrary executable located on the host system. When the user starts the emulator from SOPAS ET the corresponding executable will be started instead of the emulator

Action-Not Available
Vendor-n/aSICK AG
Product-sopas_engineering_toolSICK SOPAS ET
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2016-10977
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-2.20% / 80.30%
||
7 Day CHG~0.00%
Published-17 Sep, 2019 | 14:06
Updated-06 Aug, 2024 | 03:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The nelio-ab-testing plugin before 4.5.0 for WordPress has filename=..%2f directory traversal.

Action-Not Available
Vendor-neliosoftwaren/a
Product-nelio_ab_testingn/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2016-0752
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-95.54% / 99.86%
||
7 Day CHG~0.00%
Published-16 Feb, 2016 | 02:00
Updated-22 Apr, 2026 | 14:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-04-15||Apply updates per vendor instructions.

Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method and providing a .. (dot dot) in a pathname.

Action-Not Available
Vendor-n/aopenSUSERed Hat, Inc.Ruby on RailsSUSEDebian GNU/Linux
Product-debian_linuxrailssoftware_collectionsleaplinux_enterprise_module_for_containersopensusen/aRuby on Rails
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2025-33038
Matching Score-4
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-4
Assigner-QNAP Systems, Inc.
CVSS Score-7.2||HIGH
EPSS-0.45% / 35.65%
||
7 Day CHG~0.00%
Published-29 Aug, 2025 | 17:17
Updated-19 Sep, 2025 | 17:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Qsync Central

A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.7 ( 2025/04/23 ) and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-qsync_centralQsync Central
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2024-25164
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.87% / 54.35%
||
7 Day CHG~0.00%
Published-04 Mar, 2024 | 00:00
Updated-30 Apr, 2025 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

iA Path Traversal vulnerability exists in iDURAR v2.0.0, that allows unauthenticated attackers to expose sensitive files via the download functionality.

Action-Not Available
Vendor-idurarappn/aidurar_project
Product-idurarn/aidurar
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2016-10183
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-5.60% / 91.96%
||
7 Day CHG~0.00%
Published-30 Jan, 2017 | 04:24
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on the D-Link DWR-932B router. qmiweb allows directory listing with ../ traversal.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dwr-932bdwr-932b_firmwaren/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2005-2349
Matching Score-4
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-4
Assigner-Debian GNU/Linux
CVSS Score-7.5||HIGH
EPSS-1.85% / 76.47%
||
7 Day CHG~0.00%
Published-28 Oct, 2019 | 13:24
Updated-07 Aug, 2024 | 22:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Zoo 2.10 has Directory traversal

Action-Not Available
Vendor-zoo_projectn/a
Product-zoon/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2025-32671
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-7.5||HIGH
EPSS-0.66% / 46.87%
||
7 Day CHG+0.06%
Published-11 Apr, 2025 | 08:43
Updated-28 Apr, 2026 | 16:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Print Science Designer plugin <= 1.3.155 - Arbitrary File Download vulnerability

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in John Weissberg Print Science Designer print-science-designer allows Path Traversal.This issue affects Print Science Designer: from n/a through <= 1.3.155.

Action-Not Available
Vendor-John Weissberg
Product-Print Science Designer
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2024-2548
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.5||HIGH
EPSS-0.88% / 54.71%
||
7 Day CHG~0.00%
Published-06 Jun, 2024 | 18:08
Updated-17 Oct, 2024 | 15:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Path Traversal in parisneo/lollms-webui

A path traversal vulnerability exists in the parisneo/lollms-webui application, specifically within the `lollms_core/lollms/server/endpoints/lollms_binding_files_server.py` and `lollms_core/lollms/security.py` files. Due to inadequate validation of file paths between Windows and Linux environments using `Path(path).is_absolute()`, attackers can exploit this flaw to read any file on the system. This issue affects the latest version of LoLLMs running on the Windows platform. The vulnerability is triggered when an attacker sends a specially crafted request to the `/user_infos/{path:path}` endpoint, allowing the reading of arbitrary files, as demonstrated with the `win.ini` file. The issue has been addressed in version 9.5 of the software.

Action-Not Available
Vendor-ParisNeo (LoLLMs)
Product-lollms_web_uiparisneo/lollms-webuiparisneo\/lollms-webui
CWE ID-CWE-36
Absolute Path Traversal
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2024-24869
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-7.5||HIGH
EPSS-0.66% / 46.99%
||
7 Day CHG~0.00%
Published-17 May, 2024 | 08:48
Updated-28 Apr, 2026 | 16:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Total Upkeep plugin <= 1.15.8 - Arbitrary File Download vulnerability

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in BoldGrid Total Upkeep allows Relative Path Traversal.This issue affects Total Upkeep: from n/a through 1.15.8.

Action-Not Available
Vendor-BoldGrid (InMotion Hosting, Inc.)
Product-total_upkeepTotal Upkeeptotal_upkeep
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2024-25461
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.97% / 57.38%
||
7 Day CHG~0.00%
Published-21 Feb, 2024 | 00:00
Updated-06 May, 2025 | 17:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory Traversal vulnerability in Terrasoft, Creatio Terrasoft CRM v.7.18.4.1532 allows a remote attacker to obtain sensitive information via a crafted request to the terrasoft.axd component.

Action-Not Available
Vendor-creation/aterrasoft
Product-crm_creation/acreatio_terrasoft_crm
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2015-9480
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-12.57% / 95.75%
||
7 Day CHG~0.00%
Published-10 Oct, 2019 | 16:22
Updated-06 Aug, 2024 | 08:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The RobotCPA plugin 5 for WordPress has directory traversal via the f.php l parameter.

Action-Not Available
Vendor-robot-cpan/a
Product-robotcpan/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2024-25944
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-5.7||MEDIUM
EPSS-0.77% / 50.95%
||
7 Day CHG~0.00%
Published-29 Mar, 2024 | 16:30
Updated-04 Feb, 2025 | 17:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell OpenManage Enterprise, v4.0 and prior, contain(s) a path traversal vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, to gain unauthorized access to the files stored on the server filesystem, with the privileges of the running web application.

Action-Not Available
Vendor-Dell Inc.
Product-openmanage_enterpriseDell OpenManage Enterprise
CWE ID-CWE-23
Relative Path Traversal
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2015-9538
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-10.12% / 95.08%
||
7 Day CHG~0.00%
Published-26 Nov, 2019 | 14:59
Updated-06 Aug, 2024 | 08:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The NextGEN Gallery plugin before 2.1.15 for WordPress allows ../ Directory Traversal in path selection.

Action-Not Available
Vendor-n/aImagely, LLC (Imagely)
Product-nextgen_galleryn/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 33
  • 34
  • Next
Details not found