CVE-2026-35079

CVSS v3.1

8.1

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

The ugw-restore method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-73

Related Identifiers

CVE-2026-35079

Affected Products

Double-A Profibus

Double-A X-Link

Double-X Can

Double-X Dali

Double-X Knx

Double-X Lon

Double-X M-Bus

Double-X Profinet

Double-X X-Link

Single-A

Single-X

Triple-X Knx+Dali

Triple-X Knx+Lon

Triple-X Knx+M-Bus

Triple-X Profinet+Dali

Triple-X Profinet+Knx

Triple-X Profinet+Lon

Triple-X Profinet+M-Bus

CVE-2026-35079

Weakness Enumeration

Related Identifiers

Affected Products

References · 2