CVE-2026-1523

Path Traversal in Digitek from Grupo Azkoyen

Description

Path Traversal vulnerability in Digitek ADT1100 and Digitek DT950 from PRIMION DIGITEK, S.L.U (Azkoyen Group). This vulnerability allows an attacker to access arbitrary files in the server's file system, thet is, 'http://<host>/..%2F..% 2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd'. By manipulating the input to include URL encoded directory traversal sequences (e.g., %2F representing /), an attacker can bypass the input validation mechanisms ans retrieve sensitive files outside the intended directory, which could lead to information disclosure or further system compromise.

INFO

Published Date :

2026-02-05T13:16:30.583Z

Last Modified :

2026-02-05T14:29:09.926Z

Source :

INCIBE

AFFECTED PRODUCTS

The following products are affected by CVE-2026-1523 vulnerability.

Vendors	Products
Primion Digitek	Digitek Adt1100 Digitek Dt950

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-1523.

URL	Resource
https://www.incibe.es/en/incibe-cert/notices/aviso/path-traversal-digitek-grupo-azkoyen

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Attack Requirements

Privileges Required

User Interaction

VS Confidentiality

VS Integrity

VS Availability

SS Confidentiality

SS Integrity

SS Availability