Primary

Context

NI System Web Server Relative Path Traversal Vulnerability Allowing Information Disclosure

Vulnerability

A relative path traversal vulnerability has been identified in the NI System Web Server, present in versions through 2012. This vulnerability allows an attacker to send a specially crafted request that can read arbitrary files, potentially leading to unauthorized information disclosure.

Impact

Exploitation of this vulnerability could result in unauthorized access to sensitive files, allowing for information disclosure.

Remediation

Users are advised to upgrade to NI System Web Server 2013 or later. For LabVIEW users, the upgrade can be done through the NI Package Manager or by downloading the latest version from the NI Software Downloads page.

Added: Dec 4, 2025, 8:28 PM

Updated: Dec 4, 2025, 8:28 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

3.3

exploitability

7.4

remediation

7.7

relevance

1.3

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

3.3

exploitability

7.4

remediation

7.7

relevance

1.3

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

NI System Web Server Relative Path Traversal Vulnerability Allowing Information Disclosure

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating