CVE-2025-59099

The Access Manager is using the open source web server CompactWebServer written in C. This web server is affected by a path traversal vulnerability, which allows an attacker to directly access files via simple GET requests without prior authentication. Hence, it is possible to retrieve all files...

CVE-2025-59099

The Access Manager is using the open source web server CompactWebServer written in C. This web server is affected by a path traversal vulnerability, which allows an attacker to directly access files via simple GET requests without prior authentication. Hence, it is possible to retrieve all files...

CVE-2025-59099

The CVE-2025-59099 issue concerns the Access Manager using CompactWebServer (C#). A path traversal flaw allows unauthenticated GET requests to directly access files, enabling retrieval of any files on the file system, including the SQLite database Database.sq3 with badge data and PINs. Certain fi...

Dormakaba Access Manager security vulnerabilities

Dormakaba Access Manager is a smart hardware controller developed by the American company Dormakaba. There is a security vulnerability in Dormakaba Access Manager, which stems from path traversal vulnerabilities in the CompactWebServer. This vulnerability could allow unauthorized access to files...

PT-2026-4749

Name of the Vulnerable Software and Affected Versions CompactWebServer affected versions not specified Description The Access Manager utilizes CompactWebServer, a web server written in C, which contains a path traversal flaw. This allows an attacker to access files through GET requests without...