CVE-2026-34026

Summary

Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains a path traversal vulnerability in the documentName parameter of the /safe/selfservice/openselfservicedocument endpoint. The application constructs a file path using attacker-controlled input without sufficient validation, allowing an authenticated attacker with any role or permission level to traverse out of the intended document directory and download arbitrary files accessible to the application. This includes, but is not limited to, application log files containing sensitive information and application binaries.

Affected Software

VendorProductVersion RangeStatus
Wertheim GmbHWertheim SafeController Software for VAULT ROOMS (Safe Deposit Locker System)Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014affected

Weaknesses

  • CWE-23: CWE-23 Relative path traversal

Workarounds

Restrict access to the SafeController web application to authorized users and trusted network locations only. Review access to document download endpoints and monitor requests containing path traversal sequences, absolute paths, encoded traversal patterns, or unexpected filesystem paths. Ensure that sensitive log files and application binaries are not readable by the web application account unless strictly required. These measures should only be treated as interim risk reduction; the vendor-provided patch should be installed.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References