Description
The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains an IP restriction bypass vulnerability in the login process. The application restricts user logins based on the IP address associated with a branch location, but the client IP address is derived from the HTTP X-Forwarded-For header when that header is present. An attacker with valid branch user credentials can manipulate the X-Forwarded-For header during login to spoof the expected branch IP address and obtain a valid authenticated session from an unauthorized network location.
Published: 2026-06-15
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability resides in the login process of Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014. It allows an attacker to forge the client IP address by manipulating the X-Forwarded-For header. The application erroneously uses that header to enforce IP-based branch restrictions, which bypasses the intended authorization check and permits login from an unauthorized network location. This weakness is classified as Authentication Bypass by Spoofing (CWE-290).

Affected Systems

The product is Wertheim SafeController Software for VAULT ROOMS, part of a Safe Deposit Locker System supplied by Wertheim GmbH. The affected release is AssemblyVersion 6.15.8328.28014. No fixed release is currently documented; users must request the vendor patch.

Risk and Exploitability

The CVSS score of 5.3 indicates moderate severity. The EPSS score is not available, so no current exploitation probability can be quantified. The vulnerability is not listed in CISA KEV, suggesting no known active exploitation. Based on the description, it is inferred that the attack vector involves an attacker sending a crafted HTTP request to the login endpoint with a spoofed X-Forwarded-For header. An attacker requires valid branch user credentials and the ability to transmit network traffic to the SafeController web application.

Generated by OpenCVE AI on June 15, 2026 at 13:51 UTC.

Remediation

Vendor Solution

The vendor provides a patch which should be installed immediately. Specific fixed version information was not provided. Affected parties should contact the vendor to request the update.


Vendor Workaround

Restrict access to the SafeController web application to trusted network locations using infrastructure-level controls. Do not rely on client-supplied HTTP headers such as X-Forwarded-For for access-control or login security decisions unless they are set and normalized by a trusted reverse proxy and stripped from untrusted client requests. Review reverse proxy and web server configuration to ensure forwarded client IP headers cannot be spoofed by external clients. These measures should only be treated as interim risk reduction; the vendor-provided patch should be installed.


OpenCVE Recommended Actions

  • Apply the vendor-issued patch for SafeController immediately.
  • Restrict access to the SafeController web application to trusted network ranges at the infrastructure level.
  • Configure any reverse proxy or web server to strip or normalize client-supplied IP headers before the application processes them, ensuring that the application no longer relies on X-Forwarded-For for authentication or access control.
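The workaround and the recommended actions above both come down to one rule: honour X-Forwarded-For only when the direct peer is a trusted reverse proxy, and ignore any entries the client itself put in the header. The following Python is an added illustration of that rule, not SafeController's own code; the trusted-proxy range, the branch network map and the header dictionaries are constructed for the example, and it assumes a single trusted proxy hop that appends the address it saw.

```python
import ipaddress

# Constructed for the example: the only peer allowed to set X-Forwarded-For.
TRUSTED_PROXIES = [ipaddress.ip_network("10.0.0.0/24")]

# Constructed for the example: stands in for the per-branch IP restriction.
BRANCH_NETWORKS = {"branch-a": ipaddress.ip_network("192.0.2.0/24")}


def client_ip_vulnerable(remote_addr, headers):
    """The flawed pattern: trust X-Forwarded-For whenever it is present,
    no matter who connected. Anyone can set this header."""
    xff = headers.get("X-Forwarded-For")
    if xff:
        return xff.split(",")[0].strip()
    return remote_addr


def client_ip_hardened(remote_addr, headers):
    """Use X-Forwarded-For only if the TCP peer is a trusted proxy, and then
    take the rightmost hop, which is the one the proxy appended. Anything to
    the left was supplied by the client and is ignored."""
    peer = ipaddress.ip_address(remote_addr)
    if not any(peer in net for net in TRUSTED_PROXIES):
        return remote_addr  # direct connection: the header is untrusted input
    hops = [h.strip() for h in headers.get("X-Forwarded-For", "").split(",")]
    hops = [h for h in hops if h]
    if hops:
        try:
            ipaddress.ip_address(hops[-1])  # reject garbage before using it
            return hops[-1]
        except ValueError:
            pass
    return remote_addr


def login_allowed(branch, remote_addr, headers, derive=client_ip_hardened):
    """Branch IP restriction check, parameterised on the IP-derivation policy
    so the vulnerable and hardened behaviours can be compared side by side."""
    ip = ipaddress.ip_address(derive(remote_addr, headers))
    return ip in BRANCH_NETWORKS[branch]
```

Pass `derive=client_ip_vulnerable` to `login_allowed` to see a spoofed header from an outside address accepted; the default policy rejects it while still accepting branch users behind the trusted proxy.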

Tracking


Advisories

No advisories yet.

History

Mon, 15 Jun 2026 13:30:00 +0000

Type: Metrics
Values removed: (none listed)
Values added: ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 15 Jun 2026 12:00:00 +0000

Values removed: (none listed)

Type: Description
Values added: The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains an IP restriction bypass vulnerability in the login process. The application restricts user logins based on the IP address associated with a branch location, but the client IP address is derived from the HTTP X-Forwarded-For header when that header is present. An attacker with valid branch user credentials can manipulate the X-Forwarded-For header during login to spoof the expected branch IP address and obtain a valid authenticated session from an unauthorized network location.

Type: Title
Values added: IP restriction bypass in Wertheim SafeController Software allows logins from unauthorized network locations

Type: Weaknesses
Values added: CWE-290

Type: References
Values added: (none listed)

Type: Metrics
Values added: cvssV4_0 {'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: SEC-VLab

Published:

Updated: 2026-06-15T12:28:44.170Z

Reserved: 2026-03-25T10:46:45.516Z

Link: CVE-2026-34025

Vulnrichment

Updated: 2026-06-15T12:28:37.054Z

NVD

Status: Deferred

Published: 2026-06-15T12:16:24.867

Modified: 2026-06-15T21:05:18.653

Link: CVE-2026-34025

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-15T14:00:12Z

Weaknesses
  • CWE-290: Authentication Bypass by Spoofing