Softing Industrial Automation smartLinks Global File Read Vulnerability

Vulnerability

A global file read vulnerability has been identified in Softing Industrial Automation smartLinks versions 1.42 and prior for SW-HT, and versions 1.03 and prior for SW-PN. This issue arises from improper URL validation in the web server, which allows unauthorized file access through the filesystem modules in the Docker deployment.

Impact

Exploitation of this vulnerability allows unauthorized access to files on the server.

Added: Mar 16, 2026, 2:55 PM

Updated: Mar 16, 2026, 2:55 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.3

remediation

0.0

relevance

4.0

threat

0.0

urgency

1.4

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.3

remediation

0.0

relevance

4.0

threat

0.0

urgency

1.4

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Softing Industrial Automation smartLinks Global File Read Vulnerability

Vulnerability

Impact

Affected Products

Softing Industrial Automation smartLink SW-HT

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating