An unauthenticated attacker can exploit this vulnerability by manipulating URL to achieve arbitrary file read access.This issue affects Valmet DNA Web Tools: C2022 and older.
CVSS Score
7.5
EPSS Score
0.0
Published
2026-02-12
A remote code execution vulnerability affecting a Valmet DNA service listening on TCP port 1517, allows an attacker to execute commands with SYSTEM privileges This issue affects: Valmet DNA versions from Collection 2012 until Collection 2021.
CVSS Score
8.8
EPSS Score
0.011
Published
2022-02-16