MPDV Mikrolab GmbH HYDRA X, MIP 2 & FEDRA 2 - Path Traversal

MPDV Mikrolab GmbH HYDRA X, MIP 2, and FEDRA 2 = Maintenance Pack 36 with Servicepack 8 week 36/2025 contain an unauthenticated local file disclosure vulnerability caused by improper validation of the "Filename" parameter in the public $SCHEMAS$ resource, letting attackers read arbitrary Windows ...

VulnCheck KEV: CVE-2025-12055

HYDRA X, MIP 2 and FEDRA 2 of MPDV Mikrolab GmbH suffer from an unauthenticated local file disclosure vulnerability in all releases until Maintenance Pack 36 with Servicepack 8 week 36/2025, which allows an attacker to read arbitrary files from the Windows operating system. The "Filename" paramet...

CVE-2025-12055

HYDRA X, MIP 2 and FEDRA 2 of MPDV Mikrolab GmbH suffer from an unauthenticated local file disclosure vulnerability in all releases until Maintenance Pack 36 with Servicepack 8 week 36/2025, which allows an attacker to read arbitrary files from the Windows operating system. The "Filename" paramet...

EUVD-2025-36096

HYDRA X, MIP 2 and FEDRA 2 of MPDV Mikrolab GmbH suffer from an unauthenticated local file disclosure vulnerability in all releases until Maintenance Pack 36 with Servicepack 8 week 36/2025, which allows an attacker to read arbitrary files from the Windows operating system. The "Filename" paramet...

CVE-2025-12055

HYDRA X, MIP 2 and FEDRA 2 of MPDV Mikrolab GmbH suffer from an unauthenticated local file disclosure vulnerability in all releases until Maintenance Pack 36 with Servicepack 8 week 36/2025, which allows an attacker to read arbitrary files from the Windows operating system. The "Filename" paramet...

CVE-2025-12055 Unauthenticated Local File Disclosure in MPDV Mikrolab MIP 2 / FEDRA 2 / HYDRA X Manufacturing Execution System

HYDRA X, MIP 2 and FEDRA 2 of MPDV Mikrolab GmbH suffer from an unauthenticated local file disclosure vulnerability in all releases until Maintenance Pack 36 with Servicepack 8 week 36/2025, which allows an attacker to read arbitrary files from the Windows operating system. The "Filename" paramet...

CVE-2025-12055

MPDV Mikrolab HYDRA X, MIP 2 and FEDRA 2 are affected by an unauthenticated local file disclosure bug up to Maintenance Pack 36 with Servicepack 8 (week 36/2025). The issue stems from improper validation of the Filename parameter in the public $SCHEMAS$ resource, allowing an attacker to read arbi...

PT-2025-43887

Name of the Vulnerable Software and Affected Versions HYDRA X, MIP 2, and FEDRA 2 versions prior to Maintenance Pack 36 with Servicepack 8 week 36/2025 Description HYDRA X, MIP 2, and FEDRA 2 are affected by a local file disclosure issue. An unauthenticated attacker can read arbitrary files from...