CVE-2026-25872— JUNG Smart Panel 5.1 KNX Unauthenticated Path Traversal

JUNG Smart Panel 5.1 KNX Unauthenticated Path Traversal

JUNG Smart Panel KNX firmware version L1.12.22 and prior contain an unauthenticated path traversal vulnerability in the embedded web interface. The application fails to properly validate file path input, allowing remote, unauthenticated attackers to access arbitrary files on the underlying filesystem within the context of the web server. This may result in disclosure of system configuration files and other sensitive information.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

对路径名的限制不恰当(路径遍历)

JUNG Smart Panel KNX 路径遍历漏洞

JUNG Smart Panel KNX是德国JUNG公司的一款智能触控面板。 JUNG Smart Panel KNX L1.12.22及之前版本存在路径遍历漏洞，该漏洞源于嵌入式Web界面存在未经验证的路径遍历，可能导致任意文件访问和信息泄露。

N/A

N/A