CVE-2026-34028
MediumCVSS 6.9Exploitation Probability (EPSS)
Low risk31th percentile — higher than 31% of all known CVEs
Summary
The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, exposes web-accessible file paths that are not protected by an authorization scheme. An unauthenticated attacker can directly access HTTP endpoints to download files from locations such as /Resources/CompanyId_[ID]/Audio/ and /SafeData/.
Risk Assessment
The risk to the organization involves the potential for unauthorized access to sensitive data, which could lead to information leaks and privacy violations.
Recommendation
It is recommended to implement appropriate authorization mechanisms for all endpoints and review the software's security to minimize the risk of unauthorized access.
Original NVD description (English source)
The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, exposes web-accessible file paths that are not protected by an authorization scheme. An unauthenticated attacker can directly access HTTP endpoints to download files from locations such as /Resources/CompanyId_[ID]/Audio/ and /SafeData/.

