QSearchQSearch

CVE-2026-34028

The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, exposes web-accessible file paths that are not protected by an aut...

Published: 2026-06-15 · Last updated: 2026-06-15

Severity and scoring

CWE
CWE-425

Description

The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, exposes web-accessible file paths that are not protected by an authorization scheme. An unauthenticated attacker can directly access HTTP endpoints to download files from locations such as /Resources/CompanyId_[ID]/Audio/ and /SafeData/.

Source: NVD

References

Related CVEs

Same CWE

  • CVE-2026-11986 A flaw was found in the admin-ui-ext component of Keycloak, which provides extended administrative user interface capabilities (4.9 MEDIUM)
  • CVE-2026-8205 Concrete CMS 9.5.0 and below is vulnerable to authorization bypass in the Calendar Block since action_get_events does not check canView o... (5.3 MEDIUM)
  • CVE-2026-7500 When Keycloak is started with `--features-disabled=account,account-api`, the Account REST API is only partially disabled (5.4 MEDIUM)
  • CVE-2025-15587 Tinycontrol devices such as tcPDU and LAN Controllers LK3.5, LK3.9 and LK4 allow a low privileged user to read an administrator's passwor...