CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Nozominetworks: >> Cmc >> 25.3.0 Security Vulnerabilities

CVE-2025-40898

A path traversal vulnerability was discovered in the Import Arc data archive functionality due to insufficient validation of the input file. An authenticated user with limited privileges, by uploading a specifically-crafted Arc data archive, can potentially write arbitrary files in arbitrary paths, altering the device configuration and/or affecting its availability.

CVSS Score

7.2

EPSS Score

0.001

Published

2025-12-18

Page 2

Vulnerabilities

Vulnerable Software

Nozominetworks: >> Cmc >> 25.3.0 Security Vulnerabilities

Products

Pricing

Contact Us