Security Advisory

CVE-2025-27920

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-05-05 00:00:00
Last updated 2025-10-21 22:55:17
Assigner mitre
State PUBLISHED

Description

Output Messenger before 2.0.63 was vulnerable to a directory traversal attack through improper file path handling. By using ../ sequences in parameters, attackers could access sensitive files outside the intended directory, potentially leading to configuration leakage or arbitrary file access.