Description
ATEN Unizon restoreDB Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ATEN Unizon. Authentication is required to exploit this vulnerability.

The specific flaw exists within the restoreDB method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-28578.
Published: 2026-06-24
Score: 7.2 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

ATEN Unizon suffers a directory traversal flaw within its restoreDB method that allows an authenticated attacker to supply a crafted file path. The missing validation permits file operations outside the intended directory, enabling the attacker to execute arbitrary code with SYSTEM privileges, thereby compromising confidentiality, integrity, and availability of the affected host.

Affected Systems

The vulnerability affects ATEN Unizon installations. Affected versions are not listed in the advisory, so administrators should inventory every Unizon deployment that exposes the restoreDB functionality and consult the vendor for an affected-version list and a fixed release.

Risk and Exploitability

The CVSS 3.0 score of 7.2 (High) reflects a network-reachable, low-complexity flaw that nonetheless requires high privileges (PR:H) and no user interaction, with full impact on confidentiality, integrity, and availability. No EPSS score is available, so the estimated probability of exploitation is unknown. The vulnerability is not listed in the CISA KEV catalog, which means CISA has not confirmed exploitation in the wild; it does not rule out a public exploit. Because authentication with elevated privileges is required, an attacker must first obtain or compromise an administrative account, after which the directory traversal can be used to run code as SYSTEM, giving full control of the host.

Generated by OpenCVE AI on June 25, 2026 at 00:08 UTC.
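The flaw class described in the Impact paragraph above, as an added example that is not ATEN Unizon code and not part of the advisory: a restore handler that joins an unvalidated user-supplied name to its backup directory, beside a hardened version that rejects absolute paths and Windows separators, canonicalizes the result, and requires it to stay inside the backup directory. The function names, the backup directory and the sample inputs are assumptions; the advisory discloses only that a `restoreDB` method performs file operations on an unvalidated path.

```python
"""Added example (not ATEN Unizon code): CWE-22 in a restore-from-backup
handler and one way to close it. Function names, BACKUP_DIR and the
sample inputs are assumptions made for illustration."""
from pathlib import Path
import tempfile

# Hypothetical directory the restore feature is meant to read from.
BACKUP_DIR = Path(tempfile.gettempdir()) / "unizon_backups_example"


def restore_db_unsafe(backup_dir: Path, user_supplied: str) -> Path:
    """The pattern the advisory describes: the user-supplied path is joined
    to the backup directory and used directly. '..' segments are kept, and
    pathlib drops the left operand when the right one is absolute, so the
    caller reaches any file the service account (SYSTEM) can open."""
    return backup_dir / user_supplied


def restore_db_safe(backup_dir: Path, user_supplied: str) -> Path:
    """Hardened form: reject NUL, backslashes and drive letters, reject
    absolute paths, canonicalize (which also follows symlinks), and require
    the result to remain inside the backup directory."""
    if not user_supplied or "\x00" in user_supplied:
        raise ValueError("empty or NUL-containing name")
    # The product runs as SYSTEM, i.e. on Windows; rejecting '\\' and ':'
    # up front keeps this check equivalent when it is run on a POSIX host.
    if "\\" in user_supplied or ":" in user_supplied:
        raise ValueError("backslash or drive letter in name")
    if Path(user_supplied).is_absolute():
        raise ValueError("absolute path not allowed")
    base = backup_dir.resolve()
    candidate = (base / user_supplied).resolve()  # collapses '..' segments
    if not candidate.is_relative_to(base):
        raise ValueError("path escapes backup directory")
    if candidate.suffix.lower() != ".db":  # allow-list the expected type
        raise ValueError("not a .db backup file")
    return candidate


def classify(user_supplied: str) -> tuple:
    """Run one constructed input through the hardened check and return
    (accepted: bool, reason: str) so callers can tabulate the outcomes."""
    try:
        restore_db_safe(BACKUP_DIR, user_supplied)
        return True, "ok"
    except ValueError as exc:
        return False, str(exc)


# Constructed inputs: one legitimate name, one normalized-but-safe name,
# and traversal attempts in the forms an attacker would try.
SAMPLES = [
    "nightly.db",
    "sub/../nightly.db",
    "../../Windows/System32/config/SAM",
    "..\\..\\Windows\\System32\\config\\SAM",
    "C:\\Windows\\win.ini",
    "/etc/passwd",
    "nightly.db/../../evil.db",
]

if __name__ == "__main__":
    for s in SAMPLES:
        ok, why = classify(s)
        print(f"{'ACCEPT' if ok else 'REJECT':6} {s!r}: {why}")
    # The unsafe join shows why an absolute input is enough on its own.
    print("unsafe:", restore_db_unsafe(BACKUP_DIR, "/etc/passwd"))
```

The containment check is done on the resolved path rather than by string-prefix matching on the raw input, so `..` segments, a symlink planted inside the backup directory, and a prefix collision such as `unizon_backups_example2` are all handled by the same comparison; the extension allow-list is a second, independent guard.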

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the vendor patch for the directory traversal flaw as soon as ATEN publishes one; the advisory references no fix at the time of writing.
  • Restrict the restoreDB functionality to a minimal set of trusted administrators and enforce least‑privilege access for any accounts that can invoke it.
  • If an immediate patch cannot be applied, temporarily block or disable the restoreDB endpoint or the underlying network service and monitor for unauthorized access attempts.

Generated by OpenCVE AI on June 25, 2026 at 00:08 UTC.
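The monitoring suggested in the last recommended action, as an added example that is neither vendor nor OpenCVE detection logic: a scan over access-log lines that percent-decodes each request path until stable (so double encoding is caught), treats backslashes as separators, and flags any `..` segment. The log layout, the endpoint path `/api/restoreDB`, the `file` parameter and every sample line are constructed for illustration; the advisory does not disclose the real endpoint or parameter.

```python
"""Added example (not vendor or OpenCVE detection logic): flag path-traversal
attempts against a restore endpoint in access logs. The log layout, the
endpoint path '/api/restoreDB', the 'file' parameter and every sample line
are constructed for illustration."""
import re
from urllib.parse import unquote

# Constructed sample lines: client user "METHOD path" status
SAMPLE_LOG = """\
10.0.0.5 admin "POST /api/restoreDB?file=backups%2Fnightly.db" 200
10.0.0.9 admin "POST /api/restoreDB?file=..%2F..%2FWindows%2FSystem32%2Fcmd.exe" 200
10.0.0.9 admin "POST /api/restoreDB?file=..%252F..%252Fevil.db" 500
10.0.0.9 admin "POST /api/restoreDB?file=..%5C..%5Cevil.db" 200
10.0.0.7 operator "GET /index.html" 200
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) (?P<user>\S+) "(?P<method>[A-Z]+) (?P<path>\S+)" (?P<status>\d{3})$'
)
# A '..' segment bounded by a separator, query delimiter or string end,
# evaluated after decoding and with backslashes treated as separators.
TRAVERSAL_RE = re.compile(r'(?:^|[/\\?=&;])\.\.(?:[/\\]|$)')


def fully_decode(s: str, max_rounds: int = 3) -> str:
    """Percent-decode until stable so double encoding (%252F -> %2F -> /)
    is seen in its final form; the round cap stops pathological input."""
    for _ in range(max_rounds):
        decoded = unquote(s)
        if decoded == s:
            break
        s = decoded
    return s


def is_traversal(raw_path: str) -> bool:
    """True when the decoded request path carries a '..' segment."""
    return TRAVERSAL_RE.search(fully_decode(raw_path)) is not None


def scan(log_text: str) -> list:
    """Return one dict per request whose path carries a traversal sequence.
    The user field matters: PR:H in the vector means the request came from a
    privileged session, so that account is the first pivot for response."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # constructed format; unparsable lines are skipped
        if is_traversal(m["path"]):
            hits.append({
                "ip": m["ip"], "user": m["user"], "status": m["status"],
                "decoded": fully_decode(m["path"]),
            })
    return hits


if __name__ == "__main__":
    for h in scan(SAMPLE_LOG):
        print(h)
```

A 200 response to a flagged request is the signal to treat the host as compromised and the account as stolen, not just the request as blocked; a 500 may still mean the traversal reached the filesystem and failed later, so both deserve the same triage.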

Advisories

No advisories yet.

History

Wed, 24 Jun 2026 21:45:00 +0000

Values added (no values removed):
  Description: ATEN Unizon restoreDB Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ATEN Unizon. Authentication is required to exploit this vulnerability. The specific flaw exists within the restoreDB method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-28578.
  Title: ATEN Unizon restoreDB Directory Traversal Remote Code Execution Vulnerability
  Weaknesses: CWE-22
  References: (none)
  Metrics: cvssV3_0 {'score': 7.2, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H'}


MITRE

Status: PUBLISHED

Assigner: zdi

Published:

Updated: 2026-06-24T21:36:58.559Z

Reserved: 2026-05-27T22:19:24.989Z

Link: CVE-2026-9777

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-25T00:15:02Z

Weaknesses
  • CWE-22

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')