CVE 8.7 HIGH

Path Traversal in Digitek from Grupo Azkoyen_CVE-2026-1523

February 5, 2026 invoker category_cve
8.7 / 10
HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Description

Path Traversal vulnerability in Digitek ADT1100 and Digitek DT950 from PRIMION DIGITEK, S.L.U (Azkoyen Group). This vulnerability allows an attacker to access arbitrary files in the server's file system, thet is, 'http://<host>/..%2F..% 2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd'. By manipulating the input to include URL encoded directory traversal sequences (e.g., %2F representing /), an attacker can bypass the input validation mechanisms ans retrieve sensitive files outside the intended directory, which could lead to information disclosure or further system compromise.

AI Analysis

Path Traversal vulnerability allowing access to arbitrary files in the server's file system

Basic Information

ID CVE-2026-1523
Source INCIBE
Published Feb 5, 2026 at 13:16

Affected Product

Vendor PRIMION DIGITEK
Product Digitek ADT1100
Version all versions
Affected Versions PRIMION DIGITEK Digitek ADT1100 all versions
PRIMION DIGITEK Digitek DT950 all versions

CWE Classification

CWE-22

AI Assessment

AI Score 8.7 / 10
AI Severity High
Vendor PRIMION DIGITEK, S.L.U (Azkoyen Group)
Product Digitek ADT1100, Digitek DT950
Version all versions

References

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.