WF Steuerungstechnik GmbH airleader MASTER
Moderate fix1 remedy
cpe:2.3:h:airleader:airleader_master:*:*:*:*:*:*:*, +2 more
Moderate fix1 remedy
- 3.0046
WF Steuerungstechnik GmbH airleader MASTER Path Traversal Vulnerability
Vulnerability
Patched
A path traversal vulnerability has been identified in WF Steuerungstechnik GmbH's airleader MASTER version 3.0046. This vulnerability allows an unauthenticated attacker to read arbitrary files from the server, outside the web server's document directory, potentially leading to the exposure of sensitive information that could be used in further attacks.
Impact
Exploitation of this vulnerability could result in unauthorized access to sensitive files on the server, including potentially critical system or application data.
Reproduction
The vulnerability can be reproduced by sending a GET request that includes a crafted URL designed to traverse directories. This request can be used to access files such as '/etc/passwd' on the server, indicating the ability to read arbitrary files through the path traversal flaw.
Remediation
Users can upgrade to airleader MASTER version 3.0057, which addresses the path traversal vulnerability.
Added: Sep 1, 2025, 7:22 PM
Updated: Sep 1, 2025, 7:22 PM
Vulnerability Rating
Custom Algorithm
spread
0.0impact
2.5exploitability
6.0remediation
7.7relevance
0.0threat
6.4urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.