4 matches found
CVE-2025-28384
An issue in the /script-api/scripts/ endpoint of OpenC3 COSMOS before 6.1.0 allows attackers to execute a directory traversal...
CVE-2025-28384
An issue in the /script-api/scripts/ endpoint of OpenC3 COSMOS before 6.1.0 allows attackers to execute a directory traversal...
CVE-2025-28384
An issue in the /script-api/scripts/ endpoint of OpenC3 COSMOS before 6.1.0 allows attackers to execute a directory traversal...
CVE-2025-28384
CVE-2025-28384 affects OpenC3 COSMOS prior to 6.1.0. The vulnerability is a directory traversal in the /script-api/scripts/ endpoint, enabling an attacker to access arbitrary files via crafted requests. Root cause is an insecure handling of path input in that endpoint. Impact per sources indicate...