Description
A path traversal vulnerability in /ftl/web/setup.cgi in Small Cell Sercomm SCE4255W (FreedomFi Englewood) firmware before DG3934v3@2308041842 allows remote authenticated users to read arbitrary files from the filesystem via crafted values in the log_type parameter to /logsave.htm.
Published: 2026-03-19
Score: 6.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Remote Data Disclosure
Action: Apply Update
AI Analysis

Impact

A firmware flaw in the Small Cell Sercomm SCE4255W, accessed through /ftl/web/setup.cgi, permits authenticated remote users to manipulate the log_type query string to /logsave.htm and read any file on the device. This path traversal vulnerability, classified as CWE‑22, exposes system files and credentials to unauthorized disclosure.

Affected Systems

The issue covers Sercomm’s FreedomFi Englewood small‑cell module, the SCE4255W unit, and affects all firmware revisions prior to DG3934v3@2308041842. Any deployment using a vulnerable firmware version is subject to the described weakness.

Risk and Exploitability

The CVSS base score of 6.5 indicates a moderate severity and the EPSS score below 1 % suggests low current exploitation probability. Although the flaw is not listed in the CISA KeV catalog, it can still be leveraged by anyone who obtains valid administrative credentials and attempts to read sensitive system files. The main attack vector is remote authenticated access to the device, so restricting or disabling local administrative accounts and applying the latest firmware can eliminate the risk.

Generated by OpenCVE AI on March 24, 2026 at 03:27 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the device firmware to DG3934v3 or later, or any official patch released by Sercomm.
  • If an update cannot be applied, block or restrict direct access to the /ftl/web/setup.cgi and /logsave.htm paths using network segmentation or firewall rules.
  • Enforce strong, unique credentials for device administrators and regularly audit user accounts.
  • Monitor device logs for abnormal log_type parameter values that may indicate exploitation attempts.

Generated by OpenCVE AI on March 24, 2026 at 03:27 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 25 Mar 2026 12:00:00 +0000

Type Values Removed Values Added
Title Path Traversal in Sercomm SCE4255W Setup CGI Enables File Disclosure

Tue, 24 Mar 2026 02:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-22
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 20 Mar 2026 09:00:00 +0000

Type Values Removed Values Added
First Time appeared Freedomfi
Freedomfi sercomm Sce4255w
Vendors & Products Freedomfi
Freedomfi sercomm Sce4255w

Thu, 19 Mar 2026 17:45:00 +0000

Type Values Removed Values Added
Description A path traversal vulnerability in /ftl/web/setup.cgi in Small Cell Sercomm SCE4255W (FreedomFi Englewood) firmware before DG3934v3@2308041842 allows remote authenticated users to read arbitrary files from the filesystem via crafted values in the log_type parameter to /logsave.htm.
References

Subscriptions

Freedomfi Sercomm Sce4255w
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-03-24T01:26:02.991Z

Reserved: 2025-12-08T00:00:00.000Z

Link: CVE-2025-67115

cve-icon Vulnrichment

Updated: 2026-03-24T01:25:35.882Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-03-19T18:16:15.820

Modified: 2026-03-24T02:16:04.010

Link: CVE-2025-67115

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-25T11:51:40Z

Weaknesses