CVE-2026-6865

Published: May 12, 2026

Modified: May 12, 2026

PUBLISHED

Description

CWE-22: Improper Limitation of a Pathname to a Restricted Directory (“Path Traversal”) vulnerability that could cause unauthorized access to sensitive files when user-supplied input is improperly handled during server-side file path processing.

Vendor	Product	Versions
Schneider Electric	EasyLogic T150 (formerly Saitel DR) Remote Terminal Unit & Controller	affected `Versions 11.06.31 and prior`
Schneider Electric	Saitel DP Remote Terminal Unit & Controller	affected `Versions 11.06.36 and prior`

Weaknesses (CWE)

CWE-22

References

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-132-03&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2026-132-03.pdf

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-6865

Description

Affected Products

Weaknesses (CWE)

References