Description
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 6). The affected application does not properly sanitize path input in the `GET /api/sftp/uploadFiles` endpoint used for directory listing. This allows path traversal through crafted input, enabling access to unintended file system locations.
Published: 2026-06-09
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A path traversal vulnerability exists in the GET /api/sftp/uploadFiles endpoint of Siemens SINEC INS. The application does not sanitize the path component of the request, enabling a crafted input to reference directories outside the intended storage area and therefore access unintended file system locations. This flaw permits an attacker to read arbitrary files stored on the server, potentially exposing sensitive information, or to write to locations that may be within the application’s directory structure if write permissions exist.

Affected Systems

All versions of Siemens SINEC INS released before V1.0 SP2 Update 6 are affected. Users running legacy releases are at risk, regardless of deployment environment, because the path sanitization bug resides in the core API layer.

Risk and Exploitability

The CVSS score is 5.3, classifying the issue as moderate in severity. An EPSS score is not provided, and the vulnerability is not listed in the CISA KEV catalog. The attack vector is remote, as an attacker can issue a crafted HTTP GET request to the vulnerable endpoint over the network. Successful exploitation can lead to confidentiality exposure by reading files outside the intended directory or to unauthorized file modification if the resolved path is writable.

Generated by OpenCVE AI on June 9, 2026 at 11:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the vendor-provided patch by upgrading to Siemens SINEC INS V1.0 SP2 Update 6 or a newer version.
  • Restrict external access to the /api/sftp/uploadFiles endpoint using firewall rules, VPN, or internal network segmentation so that only trusted hosts can reach it.
  • If an immediate upgrade is not possible, configure the application to enforce strict directory restrictions or use a sandboxed filesystem for the SFTP upload API to mitigate traversal attempts.
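The directory restriction recommended above, shown as an added example that is not SINEC INS code: a string-level confinement check that runs before any filesystem access, followed by a realpath check so that a symlink inside the upload area cannot point the listing outside it. The upload root, the function names and the sample tree built in demo() are assumptions for illustration.

```python
"""Confine a directory-listing request to a fixed upload root.
Added example, not SINEC INS code: the root, the demo() tree and the
function names are assumptions for illustration.
"""
import os
import tempfile

UPLOAD_ROOT = "/srv/sftp/uploads"  # assumed storage area served by the API

class PathTraversalError(ValueError):
    """Requested path would escape the upload root."""

def confine_path(requested: str, root: str = UPLOAD_ROOT) -> str:
    """String-only check, run before touching the filesystem. Rejects NUL
    bytes, absolute paths, any '..' component and prefix look-alikes such
    as root + '2' that a naive startswith() would accept."""
    if "\x00" in requested:
        raise PathTraversalError("NUL byte in path")
    parts = requested.replace("\\", "/").split("/")
    if requested.startswith(("/", "\\")) or ".." in parts:
        raise PathTraversalError(f"traversal attempt: {requested!r}")
    root_norm = os.path.normpath(root)
    joined = os.path.normpath(os.path.join(root_norm, *parts))
    if joined != root_norm and not joined.startswith(root_norm + os.sep):
        raise PathTraversalError(f"escapes upload root: {requested!r}")
    return joined

def list_uploads(requested: str, root: str = UPLOAD_ROOT) -> list:
    """Directory listing that also refuses symlinks pointing outside root."""
    target = confine_path(requested, root)
    real_root, real_target = os.path.realpath(root), os.path.realpath(target)
    if real_target != real_root and not real_target.startswith(real_root + os.sep):
        raise PathTraversalError(f"symlink escapes upload root: {requested!r}")
    return sorted(os.listdir(real_target))

def demo() -> dict:
    """Constructed tree: uploads/a.txt, uploads/sub/b.txt and a symlink
    uploads/escape -> parent dir. Returns each request's outcome."""
    root = os.path.join(tempfile.mkdtemp(), "uploads")
    os.makedirs(os.path.join(root, "sub"))
    for name in ("a.txt", "sub/b.txt"):
        open(os.path.join(root, name), "w").close()
    os.symlink(os.path.dirname(root), os.path.join(root, "escape"))
    outcome = {}
    for req in ("", "sub", "../", "sub/../sub", "escape", "/etc", "sub\\..\\.."):
        try:
            outcome[req] = list_uploads(req, root)
        except PathTraversalError:
            outcome[req] = "rejected"
    return outcome
```

Note that the realpath step is what catches the `escape` entry: the string check accepts `uploads/escape`, but the resolved target lies outside the root and the listing is refused.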

Advisories

No advisories yet.

History

Tue, 09 Jun 2026 15:30:00 +0000

Type      Values Removed   Values Added
Metrics                    ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 09 Jun 2026 12:45:00 +0000

Type                  Values Removed   Values Added
First Time appeared                    Siemens; Siemens sinec Ins
Vendors & Products                     Siemens; Siemens sinec Ins

Tue, 09 Jun 2026 12:15:00 +0000

Type      Values Removed   Values Added
Title                      Path Traversal in SINEC INS /api/sftp/uploadFiles Endpoint

Tue, 09 Jun 2026 10:15:00 +0000

Type          Values Removed   Values Added
Description                    A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 6). The affected application does not properly sanitize path input in the `GET /api/sftp/uploadFiles` endpoint used for directory listing. This allows path traversal through crafted input, enabling access to unintended file system locations.
Weaknesses                     CWE-26
References
Metrics                        cvssV3_1: {'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N'}
                               cvssV4_0: {'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: siemens

Published:

Updated: 2026-06-09T14:37:31.164Z

Reserved: 2026-05-18T09:37:25.766Z

Link: CVE-2026-46747

Vulnrichment

Updated: 2026-06-09T14:37:07.659Z

NVD

Status: Awaiting Analysis

Published: 2026-06-09T10:16:44.130

Modified: 2026-06-09T13:49:39.993

Link: CVE-2026-46747

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-09T12:30:03Z

Weaknesses