CVE-2025-40898

Name of the Vulnerable Software and Affected Versions Import Arc (affected versions not specified)

Description A path traversal issue exists in the Import Arc data archive functionality because of inadequate input file validation. An authenticated user with limited privileges can potentially write arbitrary files to arbitrary paths by uploading a specially crafted Arc data archive. This could lead to alterations in the device configuration and/or affect its availability. The vulnerability allows writing arbitrary files in arbitrary paths.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.