4 matches found
Path Traversal
org.eclipse.basyx:basyx.sdk is vulnerable to Path Traversal. The vulnerability is due to inadequate path normalization of the fileName parameter in the Submodel HTTP API, which allows an attacker to write arbitrary files to the host filesystem and potentially execute malicious code...
EUVD-2026-27384
In Eclipse BaSyx Java Server SDK versions prior to 2.0.0-milestone-10, inadequate path normalization in the Submodel HTTP API allows an unauthenticated remote attacker to perform a path traversal attack. By supplying a maliciously crafted fileName parameter during a file upload operation, an...
CVE-2026-7411
CVE-2026-7411 affects Eclipse BaSyx Java Server SDK versions prior to 2.0.0-milestone-10. The issue is an inadequate path normalization in the Submodel HTTP API, enabling an unauthenticated remote attacker to perform a path traversal via a crafted fileName parameter during a file upload. This can...
PT-2026-37079
Name of the Vulnerable Software and Affected Versions Eclipse BaSyx Java Server SDK versions prior to 2.0.0-milestone-10 Description Inadequate path normalization in the Submodel HTTP API allows an unauthenticated remote attacker to perform a path traversal attack. By supplying a maliciously...