Keysight Ixia Vision Product Family Path Traversal Vulnerability Allowing Arbitrary File Download
Vulnerability
A path traversal vulnerability has been identified in the Keysight Ixia Vision Product Family, specifically in version 6.3.1. The issue arises from improper limitation of file paths, which could be exploited by users with administrative privileges to access restricted directories. This may allow remote code execution, potentially through the execution of arbitrary scripts or uploaded binaries. The vulnerability could also be used to delete arbitrary files.
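Improper limitation of file paths, as described above, is normally closed by canonicalising the requested path and confirming it still sits under the intended directory. The following is an added illustration, not Keysight code: the function names, directory layout and sample requests are constructed, and it assumes a POSIX filesystem.

```python
import os
import tempfile

def resolve_naive(base_dir, user_path):
    """Flawed pattern: join without canonicalising, so '..' can leave base_dir."""
    return os.path.join(base_dir, user_path)

def resolve_contained(base_dir, user_path):
    """Return the canonical path if it stays inside base_dir, else raise."""
    if "\x00" in user_path:
        raise ValueError("NUL byte in path")
    base = os.path.realpath(base_dir)
    # realpath collapses '..' and follows symlinks before the comparison.
    candidate = os.path.realpath(os.path.join(base, user_path))
    # commonpath compares whole components, so a sibling such as
    # 'export-old' is not mistaken for a child of 'export'.
    if os.path.commonpath([base, candidate]) != base:
        raise PermissionError(f"path escapes base directory: {user_path!r}")
    return candidate

# Constructed sample requests for a hypothetical download/delete handler.
SAMPLE_REQUESTS = [
    "logs/a.txt", "logs/../logs/a.txt", "../secret.txt",
    "../export-old/b.txt", "link/secret.txt", "/etc/passwd",
]

def demo():
    """Build a throwaway tree and classify each sample request."""
    results = {}
    with tempfile.TemporaryDirectory() as root:
        base = os.path.join(root, "export")
        os.makedirs(os.path.join(base, "logs"))
        os.makedirs(os.path.join(root, "export-old"))
        os.symlink(root, os.path.join(base, "link"))  # symlink pointing outside
        for req in SAMPLE_REQUESTS:
            try:
                resolve_contained(base, req)
                results[req] = "allowed"
            except (PermissionError, ValueError):
                results[req] = "rejected"
    return results

if __name__ == "__main__":
    for req, verdict in demo().items():
        print(f"{verdict:8} {req}")
```

The same check has to guard every operation that takes a path from the request, deletion as well as download, and it should run on the path that is finally opened rather than on the raw request string.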
Impact
Exploitation of this vulnerability could result in arbitrary file downloads, with the potential for remote code execution under certain conditions.
Remediation
Users are advised to upgrade to version 6.8.0, which will be released on March 1, 2025. For more information, visit the Keysight Ixia product support page.
