Primary

Context

Sauter Modulo 6 Devices Arbitrary File Upload Vulnerability

Vulnerability

A vulnerability exists in SAUTER modulo 6 devices, specifically in the embedded web server, allowing low-privileged remote attackers to upload arbitrary data disguised as PNG files. This issue arises because the web server API only verifies the file extension, not the actual content. The vulnerability affects several different versions prior to 3.2.0.

Impact

Exploitation of this vulnerability could lead to unauthorized data uploads, potentially allowing for further attacks or exploitation of other vulnerabilities.

Remediation

Users are advised to update to SAUTER modulo 6 embedded software version 3.2.0 or newer. This update requires CASE Suite version 5.2 SR5 or newer. For assistance, contact your local SAUTER representative.

Added: Oct 22, 2025, 7:19 AM

Updated: Oct 22, 2025, 7:19 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

5.2

remediation

0.0

relevance

0.8

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

5.2

remediation

0.0

relevance

0.8

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Sauter Modulo 6 Devices Arbitrary File Upload Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating