CVE-2025-15577

HIGH WAF: High

CVSS 7.5 Published: 2026-02-12

CWE-22

An unauthenticated attacker can exploit this vulnerability by manipulating URL to achieve arbitrary file read access.This issue affects Valmet DNA Web Tools: C2022 and older.

WAF Coverage Analysis

Path Traversal High WAF Coverage

OWASP: A01:2021 Broken Access Control

930xxx - Local File Inclusion

Affected Software

Vendor	Product	Version
valmet	dna	up to 2022

References

www.valmet.com (Vendor Advisory)

Back to CVE Database