Eclipse Basyx Java Server Sdk
Monthly
Unauthenticated arbitrary file write in Eclipse BaSyx Java Server SDK (2.0.0-milestone-05 through 2.0.0-milestone-12) lets remote attackers plant files anywhere the Java process can write when the server is deployed with the MongoDB file backend, potentially escalating to remote code execution. The AAS thumbnail API trusts a client-supplied fileName that is later reused as a filesystem path, so a traversal or absolute-path filename lands attacker-controlled bytes outside the intended directory. There is no public exploit identified at time of analysis and the issue is not in CISA KEV, but the vendor-fixed release (2.0.0-milestone-13) is available.
Unauthenticated arbitrary file write in Eclipse BaSyx Java Server SDK (2.0.0-milestone-05 through 2.0.0-milestone-12) lets remote attackers plant files anywhere the Java process can write when the server is deployed with the MongoDB file backend, potentially escalating to remote code execution. The AAS thumbnail API trusts a client-supplied fileName that is later reused as a filesystem path, so a traversal or absolute-path filename lands attacker-controlled bytes outside the intended directory. There is no public exploit identified at time of analysis and the issue is not in CISA KEV, but the vendor-fixed release (2.0.0-milestone-13) is available.