CVE-2026-46747 | Siemens SINEC INS up to 1.0 SP2 Update 5 /api/sftp/uploadFiles path traversal (ssa-860189)

Inserito da Angelo Barbosa | Giu 9, 2026 | CVE

A vulnerability classified as problematic has been found in Siemens SINEC INS up to 1.0 SP2 Update 5. This affects an unknown function of the file /api/sftp/uploadFiles. This manipulation causes path traversal: ‘/dir/../filename’.

This vulnerability is tracked as CVE-2026-46747. The attack is possible to be carried out remotely. No exploit exists.

It is recommended to upgrade the affected component.

CVE-2026-46747 | Siemens SINEC INS up to 1.0 SP2 Update 5 /api/sftp/uploadFiles path traversal (ssa-860189)

Post correlati

CVE-2025-23860 | Eyouth Charity-Thermometer Plugin up to 1.1.2 on WordPress cross site scripting

CVE-2026-25916 | Roundcube Webmail up to 1.5.12/1.6.12 SVG unprotected alternate channel

CVE-2025-49010 | OpenSC up to 0.26.x USB stack-based overflow

CVE-2026-40978 | Vmware Spring AI up to 1.0.5/1.1.4 Document ID CosmosDBVectorStore sql injection