PT-2026-6554 · Digitek · Digitek Adt1100+1
Published
2026-02-05
·
Updated
2026-02-05
·
CVE-2026-1523
CVSS v4.0
8.7
High
| Vector | AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
Digitek ADT1100
Digitek DT950
Description
A path traversal issue exists in Digitek ADT1100 and Digitek DT950. This allows an attacker to access arbitrary files on the server's file system. The attack involves manipulating input to include URL encoded directory traversal sequences, such as
%2F representing /, to bypass input validation. An example of a malicious request is: http://<host>/..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd. Successful exploitation could lead to information disclosure or system compromise.Recommendations
Apply input validation to prevent directory traversal sequences in requests.
Sanitize user-supplied input to remove or encode characters used in path manipulation.
Fix
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Digitek Adt1100
Digitek Dt950