Home

Description

Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains a path traversal vulnerability in the documentName parameter of the /safe/selfservice/openselfservicedocument endpoint. The application constructs a file path using attacker-controlled input without sufficient validation, allowing an authenticated attacker with any role or permission level to traverse out of the intended document directory and download arbitrary files accessible to the application. This includes, but is not limited to, application log files containing sensitive information and application binaries.

PUBLISHED Reserved 2026-03-25 | Published 2026-06-15 | Updated 2026-06-15 | Assigner SEC-VLab




HIGH: 7.1CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Problem types

CWE-23 Relative path traversal

Product status

Default status
unknown

Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014
affected

Credits

Christian Hager, SEC Consult Vulnerability Lab finder

Gorazd Jank, SEC Consult Vulnerability Lab finder

Philipp Espernberger, SEC Consult Vulnerability Lab finder

References

wertheim-safes.com/safe-deposit-box-management/ product

r.sec-consult.com/wertheim third-party-advisory

cve.org (CVE-2026-34026)

nvd.nist.gov (CVE-2026-34026)

Download JSON