Security Advisory

CVE-2026-29522

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-16 20:46:49

Last updated 2026-03-17 13:36:22

Assigner VulnCheck

State PUBLISHED

Description

ZwickRoell Test Data Management versions prior to 3.0.8 contain a local file inclusion (LFI) vulnerability in the /server/node_upgrade_srv.js endpoint. An unauthenticated attacker can supply directory traversal sequences via the firmware parameter to access arbitrary files on the server, leading to information disclosure of sensitive system files.

← Browse all CVEs View on cve.org ↗