Path traversal vulnerability in MiR robot software via API requests

6.5 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Description

Path Traversal vulnerability in API Endpoint in Mobile Industrial Robots (MiR) Software Versions prior to 3.0.0 on MiR Robots allows authenticated users to extract files from the robot file system via a crafted API request.

AI Analysis

A Path Traversal vulnerability in MiR robot software allows authenticated users to extract files from the robot's file system by sending crafted API requests.

Basic Information

ID CVE-2025-8749

Source TRO

Published Aug 8, 2025 at 11:46

Affected Product

Vendor Mobile Industrial Robots

Product MiR Robots

Affected Versions Mobile Industrial Robots MiR Robots 0

CWE Classification

CWE-22

AI Assessment

AI Severity High

Vendor Mobile Industrial Robots

Product MiR Robots

Version Prior to 3.0.0

References

{
    "lastseen": "",
    "description": "Path Traversal vulnerability in API Endpoint in Mobile Industrial Robots (MiR) Software Versions prior to 3.0.0 on MiR Robots allows authenticated users to extract files from the robot file system via a crafted API request.",
    "published": "2025-08-08T11:46:16.957Z",
    "modified": "2025-08-08T11:46:16.957Z",
    "type": "cve",
    "title": "Path traversal vulnerability in MiR robot software via API requests",
    "source": "TRO",
    "references": "https://a.storyblok.com/f/230581/x/59df550de5/msa-13.pdf\nhttps://supportportal.mobile-industrial-robots.com/documentation/mir-cybersecurity-guide/mir-cybersecurity-guide/",
    "id": "CVE-2025-8749",
    "bulletinFamily": "",
    "cwe": [
        "CWE-22"
    ],
    "cvelist": null,
    "sourceData": "Mobile Industrial Robots MiR Robots 0",
    "sourceHref": "",
    "cvss": {
        "score": 6.5,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "MiR Robots",
    "version": "0",
    "vendor": "Mobile Industrial Robots",
    "ai_description": "A Path Traversal vulnerability in MiR robot software allows authenticated users to extract files from the robot's file system by sending crafted API requests.",
    "ai_severity": "High",
    "ai_vendor": "Mobile Industrial Robots",
    "ai_product": "MiR Robots",
    "ai_version": "Prior to 3.0.0",
    "ai_score": 0
}

Path traversal vulnerability in MiR robot software via API requests_CVE-2025-8749