Nozomi Networks Guardian and CMC Path Traversal Vulnerability in Time Machine Functionality

Vulnerability

A path traversal vulnerability has been identified in the Time Machine feature of Nozomi Networks Guardian and CMC versions prior to 25.2.0. This vulnerability arises from inadequate validation of two input parameters, allowing an authenticated user with limited privileges to manipulate the structure and content of files in the /data directory, potentially disrupting their availability.

Impact

Exploitation of this vulnerability could allow an authenticated user with limited privileges to modify files in the /data folder, affecting their structure, content, and availability.

Remediation

Users are advised to upgrade to version 25.2.0 or later. Additionally, it is recommended to use internal firewall features to restrict access to the web management interface and to review and remove unnecessary accounts with access to it.

Added: Oct 7, 2025, 1:17 PM
Updated: Oct 7, 2025, 1:17 PM

Vulnerability Rating

Custom Algorithm

spread: 2.6
impact: 5.0
exploitability: 4.9
remediation: 7.9
relevance: 0.7
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.