CVE-2025-6076

Name of the Vulnerable Software and Affected Versions Partner Software application and Partner Web application versions 4.32 Partner Software application and Partner Web application (affected versions not specified)

Description The Partner Software application and Partner Web application do not sanitize files uploaded on the "reports" tab. This allows an authenticated attacker to upload a malicious file and potentially compromise the device. The software runs as SYSTEM by default, which increases the severity of the issue.

Recommendations Restrict file uploads on the "reports" tab. Monitor for malicious file uploads. At the moment, there is no information about a newer version that contains a fix for this vulnerability.