CVE-2025-28384 | OpenC3 OpenC3 COSMOS 6.0.0 /script-api/scripts/ path traversal

Inserito da Angelo Barbosa | Giu 13, 2025 | CVE

A vulnerability, which was classified as critical, was found in OpenC3 OpenC3 COSMOS 6.0.0. This affects an unknown part of the file /script-api/scripts/. The manipulation leads to path traversal.

This vulnerability is uniquely identified as CVE-2025-28384. The attack needs to be initiated within the local network. There is no exploit available.

CVE-2025-28384 | OpenC3 OpenC3 COSMOS 6.0.0 /script-api/scripts/ path traversal

Post correlati

CVE-2023-46690 | Delta Electronics InfraSuite Device Master up to 1.0.7 path traversal (icsa-23-331-01)

CVE-2024-25998 | Phoenix Contact CHARX SEC-3150 up to 1.5.0 OCPP Service command injection (VDE-2024-011)

CVE-2023-5691 | ChatBot Plugin up to 2.3.9 on WordPress cross site scripting

CVE-2024-33880 | VirtoSoftware Virto Bulk File Download for SharePoint 2019 5.5.44 Download.ashx information disclosure