A high-severity path traversal vulnerability has been identified in Relative's Digilent WaveForms software. This flaw could allow a remote attacker to access, modify, or delete sensitive files on the server and potentially execute malicious code, leading to a full system compromise. Organizations are urged to apply the vendor-provided security updates immediately to mitigate the risk of data breaches and operational disruption.

The vulnerability is a relative path traversal (also known as "dot-dot-slash") attack. It exists because the application fails to properly validate or sanitize user-supplied input that is used to construct file paths. An unauthenticated remote attacker can exploit this by crafting a malicious request containing "dot-dot-slash" (../) sequences to navigate outside of the intended directory and access arbitrary files on the system. Successful exploitation could allow an attacker to read sensitive configuration files, overwrite critical system files, or upload and execute a malicious script, resulting in arbitrary code execution with the privileges of the application's user account.

This vulnerability is rated as High severity with a CVSS score of 7.8. A successful exploit could lead to a complete compromise of the affected system. The primary business impacts include the potential for a significant data breach, leading to the theft of confidential company information, customer data, or intellectual property. Furthermore, arbitrary code execution could lead to the installation of ransomware, disruption of critical business operations, and reputational damage. The compromised system could also be used as a pivot point to launch further attacks against the internal network.

Immediate Action: The primary remediation is to apply the security updates provided by the vendor across all affected systems immediately. Before deployment, patches should be tested in a non-production environment to ensure compatibility. After patching, review system access logs and application logs for any signs of compromise that may have occurred prior to remediation.

Proactive Monitoring: System administrators should actively monitor application and server logs for requests containing path traversal sequences (e.g., ../, ..\). Monitor for unusual file access patterns, unexpected process execution from the application's service account, or the creation of unauthorized files in system or web directories. Network monitoring should be configured to detect and alert on suspicious outbound connections from the affected servers, which could indicate a successful compromise.

Compensating Controls: If immediate patching is not feasible, consider implementing the following controls:

• Deploy a Web Application Firewall (WAF) with rules specifically designed to detect and block path traversal attempts.
• Enforce the principle of least privilege by ensuring the application's service account has the minimum necessary file system permissions, preventing it from writing to or reading from sensitive directories.
• Use host-based intrusion detection systems (HIDS) to monitor for and prevent unauthorized file modifications.

Public Exploit Available: false

Given the high CVSS score of 7.8 and the potential for complete system compromise via arbitrary code execution, this vulnerability poses a significant risk to the organization. Although not currently listed on the CISA KEV catalog, its severity makes it a prime target for future exploitation. We strongly recommend that all system owners prioritize the immediate testing and deployment of the vendor-supplied security patches to all affected systems to prevent potential exploitation.