CVE-2025-40573

MEDIUM Year: 2025
CVSS v3 Score
4.4
Medium
Weakness Type
CWE-35
View all →

Vulnerability Description

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices are vulnerable to path traversal attacks. This could allow a privileged local attacker to restore backups that are outside the backup folder.

Related Vulnerabilities

CVE-2024-0067

MEDIUM
CVSS:4.3(Medium)

Marinus Pfund, member of the AXIS OS Bug Bounty Program, has found the VAPIX API ledlimit.cgi was vulnerable for path traversal attacks allowing to list folder/file names on the local file system of t...

CWE-352024

CVE-2024-47170

MEDIUM
CVSS:4.3(Medium)

Agnai is an artificial-intelligence-agnostic multi-user, mult-bot roleplaying chat system. A vulnerability in versions prior to 1.0.330 permits attackers to read arbitrary JSON files at attacker-chose...

CWE-352024

CVE-2024-47171

MEDIUM
CVSS:4.3(Medium)

Agnai is an artificial-intelligence-agnostic multi-user, mult-bot roleplaying chat system. A vulnerability in versions prior to 1.0.330 permits attackers to upload image files at attacker-chosen locat...

CWE-352024

CVE-2021-1282

MEDIUM
CVSS:4.9(Medium)

Multiple vulnerabilities in Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an attacker to conduct path traversal attacks and SQL injection attacks on ...

CWE-352021

CVE-2021-1364

MEDIUM
CVSS:4.9(Medium)

Multiple vulnerabilities in Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an attacker to conduct path traversal attacks and SQL injection attacks on ...

CWE-352021

CVE-2024-52390

MEDIUM
CVSS:4.9(Medium)

: Path Traversal: '.../...//' vulnerability in CYAN Backup allows Path Traversal.This issue affects CYAN Backup: from n/a through 2.5.3.

CWE-352024