Security Advisory

CVE-2025-26390

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-05-13 09:38:35
Last updated 2025-05-13 18:56:33
Assigner siemens
State PUBLISHED

Description

A vulnerability has been identified in OZW672 (All versions < V6.0), OZW772 (All versions < V6.0). The web service of affected devices is vulnerable to SQL injection when checking authentication data. This could allow an unauthenticated remote attacker to bypass the check and authenticate as Administrator user.