Skip to main content

Wertheim Safecontroller Software For Vault Rooms Safe Deposit Locker System EUVDEUVD-2026-36713

| CVE-2026-34030 MEDIUM
External Control of File Name or Path (CWE-73)
2026-06-15 SEC-VLab GHSA-mvvf-7w7v-ww2x
6.9
CVSS 4.0 · Vendor: SEC-VLab
Share

Severity by source

Vendor (SEC-VLab) PRIMARY
6.9 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from Vendor (SEC-VLab) · only source for this CVE.

CVSS VectorVendor: SEC-VLab

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
X

Lifecycle Timeline

1
Analysis Generated
Jun 15, 2026 - 12:25 vuln.today

DescriptionCVE.org

The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, does not sufficiently validate the branch code when a new branch is created. The branch code is later used in multiple application functions, including filesystem path generation for uploaded files, profile pictures, and settings. An authenticated attacker with the settings_branches_manage privilege can include path traversal sequences in the branch code and influence the final filesystem location used by affected file operations. This can allow files to be stored in unintended locations, subject to service-account write permissions and branch-code length restrictions.

AnalysisAI

Path traversal in Wertheim SafeController Software (AssemblyVersion 6.15.8328.28014) enables an authenticated user holding the settings_branches_manage privilege to embed directory traversal sequences in a newly created branch code, redirecting downstream file-write operations — covering uploaded files, profile pictures, and settings data — to attacker-chosen filesystem locations. The root cause is insufficient server-side validation of the branch code field at branch creation time; that tainted value later propagates into multiple file-path-generation routines across the application. No active exploitation is confirmed (not in CISA KEV) and no public exploit code has been identified; real-world impact is bounded by both the service account's write permissions and length restrictions on the branch code value.

Share

EUVD-2026-36713 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy