SAUTER modulo 6 and EY-modulo 5 Directory Traversal Vulnerability in importFile SOAP Method
Vulnerability
A directory traversal vulnerability has been identified in the importFile SOAP method of SAUTER modulo 6 devices and certain EY-modulo 5 devices. This vulnerability allows an unauthenticated remote attacker to bypass path restrictions and upload files to arbitrary locations on the affected device. The issue arises from improper validation of file paths, enabling exploitation through the web server API.
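The class of flaw described above, improper validation of a client-supplied file path, is shown below as an added illustration in Python. It is not SAUTER's code: the upload root, the function names and the sample paths are assumptions made for the example. It contrasts a string-prefix check on the unresolved path with a check that resolves the path first and then requires it to stay inside the upload root.

```python
import os

# Assumed upload root for this illustration; not a path taken from the advisory.
UPLOAD_ROOT = "/srv/import"

def naive_destination(client_path):
    """Weak pattern: join, then trust a prefix check on the unresolved string."""
    dest = os.path.join(UPLOAD_ROOT, client_path)
    if not dest.startswith(UPLOAD_ROOT):
        raise ValueError("outside upload root")
    return dest

def safe_destination(client_path, root=UPLOAD_ROOT):
    """Resolve the path first, then require it to stay inside the upload root."""
    if "\x00" in client_path:
        raise ValueError("NUL byte in path")
    # Treat backslashes as separators so Windows-style input is normalized too.
    normalized = client_path.replace("\\", "/")
    # Reject absolute paths and drive-letter prefixes outright.
    if normalized.startswith("/") or normalized[1:2] == ":":
        raise ValueError("absolute path not allowed")
    root_real = os.path.realpath(root)
    dest_real = os.path.realpath(os.path.join(root_real, normalized))
    # commonpath compares whole components: /srv/import-evil is not under /srv/import.
    if os.path.commonpath([root_real, dest_real]) != root_real:
        raise ValueError("path escapes upload root")
    if dest_real == root_real:
        raise ValueError("no file name given")
    return dest_real

def is_accepted(resolver, client_path):
    """True if the resolver returns a destination, False if it rejects the path."""
    try:
        resolver(client_path)
    except ValueError:
        return False
    return True

# Constructed sample inputs, one legitimate and four that must be rejected.
SAMPLES = ["config/site.xml", "../../etc/passwd", "a/../../import-evil/x",
           "/etc/passwd", "..\\..\\boot.ini"]

if __name__ == "__main__":
    for p in SAMPLES:
        print(f"{p!r:28} naive={is_accepted(naive_destination, p)} "
              f"safe={is_accepted(safe_destination, p)}")
```

The write should use the resolved path that `safe_destination` returns, not the original client string, so the checked path and the written path are the same.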
Impact
Exploitation of this vulnerability could lead to unauthorized file uploads, potentially overwriting critical system files or uploading malicious payloads that could be executed on the device.
Remediation
Users are advised to update to SAUTER modulo 6 embedded software version 3.2.0 or newer. For EY-modulo 5 devices, version 6.0 is recommended. This will require CASE Suite Version 5.2 SR5 or newer. Contact your local SAUTER representative for support.
