Description
ATEN Unizon uploadSSL Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of ATEN Unizon. Authentication is required to exploit this vulnerability.

The specific flaw exists within the uploadSSL method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to delete files or create a denial-of-service condition on the system. Was ZDI-CAN-28503.
Published: 2026-06-24
Score: 5.5 Medium
EPSS: 1.2% Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is a directory traversal flaw in the uploadSSL method that allows a logged‑in user to supply an unvalidated file path and delete arbitrary files on the system. This deletion can cause data loss, compromise configuration files, or trigger a denial‑of‑service condition, as described by CWE‑22.

Affected Systems

All ATEN Unizon installations that expose the uploadSSL functionality and permit authenticated access are affected. No specific product version was listed in the advisory.

Risk and Exploitability

The CVSS score of 5.5 indicates moderate severity. The EPSS score is 1% and the vulnerability is not in CISA’s KEV catalog. Exploitation requires authenticated remote access to the uploadSSL endpoint; once authenticated, an attacker can specify any file path and delete the target file, potentially affecting critical system files or configuration data.

Generated by OpenCVE AI on June 25, 2026 at 14:40 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the official vendor patch or upgrade to the latest ATEN Unizon release that fixes the path validation issue in uploadSSL.
  • Restrict the ability to use the uploadSSL feature to the minimum set of privileged users, enforcing the principle of least privilege.
  • If a patch is not immediately available, disable or restrict access to the uploadSSL endpoint for all but trusted users until remediation is applied.
  • Add custom path‑sanitization logic to any code that interacts with uploadSSL to reject traversal components such as "../" and ensure absolute paths are not used.

Generated by OpenCVE AI on June 25, 2026 at 14:40 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 26 Jun 2026 10:45:00 +0000

Type Values Removed Values Added
First Time appeared Aten
Aten unizon
Vendors & Products Aten
Aten unizon

Thu, 25 Jun 2026 13:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 24 Jun 2026 21:45:00 +0000

Type Values Removed Values Added
Description ATEN Unizon uploadSSL Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of ATEN Unizon. Authentication is required to exploit this vulnerability. The specific flaw exists within the uploadSSL method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to delete files or create a denial-of-service condition on the system. Was ZDI-CAN-28503.
Title ATEN Unizon uploadSSL Directory Traversal Arbitrary File Deletion Vulnerability
Weaknesses CWE-22
References
Metrics cvssV3_0

{'score': 5.5, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: zdi

Published:

Updated: 2026-06-25T12:54:05.906Z

Reserved: 2026-05-27T22:18:59.046Z

Link: CVE-2026-9775

cve-icon Vulnrichment

Updated: 2026-06-25T12:54:02.843Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-26T09:40:10Z

Weaknesses
  • CWE-22

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')