Description
ATEN Unizon writeFileToHttpServletResponse Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of ATEN Unizon. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the writeFileToHttpServletResponse method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. Was ZDI-CAN-28505.
Published: 2026-06-24
Score: 7.5 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

This vulnerability arises from the writeFileToHttpServletResponse method in ATEN Unizon, where the application fails to validate a user‑supplied file path before performing file operations. The result is a directory traversal flaw that allows a remote attacker to request arbitrary files from the server's file system. No authentication is required to trigger the exploit, and the files can be read in the context of the SYSTEM account, giving the attacker access to potentially sensitive configuration or log data.

Affected Systems

The affected vendor is ATEN, specifically its Unizon product line. No specific product version numbers are specified in the advisory, so all installations of ATEN Unizon remain at risk until the vendor releases a fix.

Risk and Exploitability

The CVSS score of 7.5 indicates high severity. Although no EPSS score is provided, the lack of authentication and the SYSTEM-level read access suggest that exploitation requires only a single crafted HTTP request, which scanners are likely to automate. The vulnerability is not currently listed in the CISA KEV catalog, but its impact and ease of exploitation make it a significant threat to the confidentiality of internal data.

Generated by OpenCVE AI on June 25, 2026 at 00:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest ATEN Unizon firmware or application update that contains the directory traversal fix.
  • Reconfigure the web application to enforce strict path validation, ensuring that any file path supplied by the client cannot escape the intended directory structure.
  • If an update is not yet available, remove or restrict the writeFileToHttpServletResponse endpoint from public access, or implement a server‑side whitelist of allowed files.
  • Deploy traffic monitoring to detect and alert on suspicious file request patterns associated with directory traversal attempts.

Generated by OpenCVE AI on June 25, 2026 at 00:21 UTC.
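A hardened shape for a file-to-response helper of the kind the advisory describes, added here as an example in Java and not ATEN's own code (the class, method and parameter names, the javax.servlet package and the optional allowlist are assumptions): the served root is canonicalised once, the client-supplied path is resolved beneath it, and anything that leaves the root or is not on the allowlist is refused, which covers the path-validation and allowlist actions listed above.

```java
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.file.Files;
import java.nio.file.InvalidPathException;
import java.nio.file.Path;
import java.util.Set;
import javax.servlet.http.HttpServletResponse;

public class SafeFileDownload {
    // Canonical root of the directory this endpoint may serve (resolved once).
    private final Path baseDir;
    // Optional allowlist of file names; null means "any regular file under baseDir".
    private final Set<String> allowedNames;

    public SafeFileDownload(Path baseDir, Set<String> allowedNames) throws IOException {
        this.baseDir = baseDir.toRealPath();
        this.allowedNames = allowedNames;
    }

    /** Returns the canonical target if it stays inside baseDir, otherwise null. */
    public Path resolveSafely(String userPath) throws IOException {
        if (userPath == null || userPath.isEmpty() || userPath.indexOf('\0') >= 0) return null;
        Path candidate;
        try {
            Path rel = baseDir.getFileSystem().getPath(userPath);
            if (rel.isAbsolute()) return null;            // resolve() would discard baseDir
            candidate = baseDir.resolve(rel).normalize();  // collapses "../" segments
        } catch (InvalidPathException e) {
            return null;                                   // illegal characters for this OS
        }
        if (!Files.isRegularFile(candidate)) return null;  // no directories, no missing files
        Path real = candidate.toRealPath();                // follows symlinks on the target
        if (!real.startsWith(baseDir)) return null;        // escaped the root after canonicalisation
        if (allowedNames != null && !allowedNames.contains(real.getFileName().toString())) return null;
        return real;
    }

    /** Validate first, then stream; the caller never touches the raw client path. */
    public void writeFile(String userPath, HttpServletResponse resp) throws IOException {
        Path file = resolveSafely(userPath);
        if (file == null) {
            resp.sendError(HttpServletResponse.SC_NOT_FOUND);  // do not echo the requested path
            return;
        }
        resp.setContentType("application/octet-stream");
        resp.setContentLengthLong(Files.size(file));
        try (InputStream in = Files.newInputStream(file); OutputStream out = resp.getOutputStream()) {
            in.transferTo(out);
        }
    }
}
```

The `startsWith` check runs on the real (symlink-resolved) path, so a link inside the served directory that points outside it is rejected as well, and a rejected request returns a generic 404 so that the error itself leaks nothing about the file system.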

Advisories

No advisories yet.

History

Wed, 24 Jun 2026 21:45:00 +0000

Type | Values Removed | Values Added
Description | | ATEN Unizon writeFileToHttpServletResponse Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of ATEN Unizon. Authentication is not required to exploit this vulnerability. The specific flaw exists within the writeFileToHttpServletResponse method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. Was ZDI-CAN-28505.
Title | | ATEN Unizon writeFileToHttpServletResponse Directory Traversal Information Disclosure Vulnerability
Weaknesses | | CWE-22
References | |
Metrics | | cvssV3_0 {'score': 7.5, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}


MITRE

Status: PUBLISHED

Assigner: zdi

Published:

Updated: 2026-06-24T21:36:49.727Z

Reserved: 2026-05-27T22:19:10.099Z

Link: CVE-2026-9776

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-25T00:30:03Z

Weaknesses
  • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')