Description
ATEN Unizon uploadSSL Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of ATEN Unizon. Authentication is required to exploit this vulnerability.

The specific flaw exists within the uploadSSL method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to delete files or create a denial-of-service condition on the system. Was ZDI-CAN-28503.
Published: 2026-06-24
Score: 5.5 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is a directory traversal flaw (CWE‑22) in the uploadSSL method that allows a logged‑in user to supply an unvalidated file path and delete arbitrary files on the system. This deletion can cause data loss, compromise configuration files, or trigger a denial‑of‑service condition.

Affected Systems

All ATEN Unizon installations that expose the uploadSSL functionality and permit authenticated access are affected. No specific product version was listed in the advisory.

Risk and Exploitability

The CVSS score of 5.5 indicates medium severity. EPSS is not available and the vulnerability is not in CISA’s KEV catalog. Exploitation requires authenticated remote access to the uploadSSL endpoint, and the CVSS vector rates the required privileges as high (PR:H); once authenticated, an attacker can specify any file path and delete the target file, potentially affecting critical system files or configuration data.

Generated by OpenCVE AI on June 25, 2026 at 00:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the official vendor patch, or upgrade to an ATEN Unizon release that fixes the path validation issue in uploadSSL, once one is available.
  • Restrict the ability to use the uploadSSL feature to the minimum set of privileged users, enforcing the principle of least privilege.
  • If a patch is not immediately available, disable or restrict access to the uploadSSL endpoint for all but trusted users until remediation is applied.
  • Add custom path‑sanitization logic to any code that interacts with uploadSSL to reject traversal components such as "../" and ensure absolute paths are not used.
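The last recommendation, taken one step past rejecting "../" strings: an added example, not ATEN's or OpenCVE's code, that canonicalizes the requested name and checks containment before deleting, which also catches a symlinked directory that a substring filter misses. The use of Python, the function names and the certs directory layout are assumptions; the inputs are constructed and run in a temporary directory.

```python
import os
import tempfile

class PathRejected(ValueError):
    """Raised when a requested name would resolve outside the allowed directory."""

def resolve_inside(base_dir: str, user_name: str) -> str:
    """Return the canonical path for user_name, or raise if it leaves base_dir."""
    if not user_name or "\x00" in user_name:
        raise PathRejected("empty name or NUL byte")
    if os.path.isabs(user_name):
        raise PathRejected("absolute path")
    base = os.path.realpath(base_dir)
    # realpath collapses "..", "." and symlinks, so the check sees the real target.
    target = os.path.realpath(os.path.join(base, user_name))
    if target == base or os.path.commonpath([base, target]) != base:
        raise PathRejected("resolves outside the allowed directory")
    return target

def delete_uploaded_file(base_dir: str, user_name: str) -> bool:
    """Delete a file only if it canonically lives under base_dir."""
    target = resolve_inside(base_dir, user_name)
    if not os.path.isfile(target):
        return False
    os.remove(target)
    return True

def demo() -> dict:
    """Run the check against constructed inputs in a throwaway directory."""
    results = {}
    with tempfile.TemporaryDirectory() as root:
        certs = os.path.join(root, "certs")   # hypothetical upload directory
        os.mkdir(certs)
        victim = os.path.join(root, "app.conf")  # file outside the upload directory
        for path in (victim, os.path.join(certs, "old.pem")):
            open(path, "w").close()
        os.symlink(root, os.path.join(certs, "up"))  # directory link pointing out
        names = ("old.pem", "../app.conf", "sub/../../app.conf", "up/app.conf")
        for label, name in [(n, n) for n in names] + [("absolute", victim)]:
            try:
                results[label] = delete_uploaded_file(certs, name)
            except PathRejected as exc:
                results[label] = str(exc)
        results["victim_survives"] = os.path.exists(victim)
    return results

if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key!r}: {value}")
```

The check and the delete are separate system calls, so the upload directory should not be writable by other local users who could swap a path component in between.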

Advisories

No advisories yet.

History

Wed, 24 Jun 2026 21:45:00 +0000

| Type | Values Removed | Values Added |
| --- | --- | --- |
| Description | | ATEN Unizon uploadSSL Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of ATEN Unizon. Authentication is required to exploit this vulnerability. The specific flaw exists within the uploadSSL method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to delete files or create a denial-of-service condition on the system. Was ZDI-CAN-28503. |
| Title | | ATEN Unizon uploadSSL Directory Traversal Arbitrary File Deletion Vulnerability |
| Weaknesses | | CWE-22 |
| References | | |
| Metrics | | cvssV3_0 {'score': 5.5, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H'} |


MITRE

Status: PUBLISHED

Assigner: zdi

Published:

Updated: 2026-06-24T21:36:42.866Z

Reserved: 2026-05-27T22:18:59.046Z

Link: CVE-2026-9775

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-25T00:30:03Z

Weaknesses
  • CWE-22

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')