CVE-2026-35076

Arbitrary file delete vulnerability in method bac-scanresult

CVSS 7.2 HIGH | EPSS 0.4% | CWE-73
In short

A feature called bac-scanresult allows someone with a user account to delete any file on the system because the code doesn't properly check what files the user is trying to delete. This is dangerous because an attacker could remove important system or application files.

Technical detail

The bac-scanresult method fails to validate user-controlled file path input, allowing authenticated attackers to delete arbitrary files via path traversal or direct file specification. Exploitation requires valid user credentials and can result in denial of service or compromise of system integrity through deletion of critical files.

Summary generated and translated by AI from the official description.
The bac-scanresult method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
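
The missing check for CWE-73 in a delete handler, as an added example (not the affected product's code): it assumes the method is meant to delete files only under one results directory. The names `resolve_inside`, `delete_scan_result` and the `results/` layout are hypothetical, and the sample files are constructed.

```python
import os
import tempfile
from pathlib import Path


def resolve_inside(base_dir: Path, user_path: str) -> Path:
    """Return the resolved target, or raise ValueError if it leaves base_dir."""
    if not user_path or "\x00" in user_path:
        raise ValueError("empty or malformed path")
    base = base_dir.resolve(strict=True)
    # An absolute user_path replaces base when joined; resolve() collapses ".."
    # and follows symlinks, so one containment check covers all three cases.
    target = (base / user_path).resolve(strict=False)
    if target == base or base not in target.parents:
        raise ValueError(f"path escapes {base}")
    return target


def delete_scan_result(base_dir: Path, user_path: str) -> bool:
    """Delete one regular file under base_dir; False if the request is refused."""
    try:
        target = resolve_inside(base_dir, user_path)
    except ValueError:
        return False
    if not target.is_file():
        return False
    target.unlink()
    return True


def demo() -> dict:
    """Constructed layout: results/ beside a file that must survive."""
    with tempfile.TemporaryDirectory() as root:
        root_p = Path(root)
        results = root_p / "results"
        results.mkdir()
        (results / "scan-001.json").write_text("{}")
        critical = root_p / "critical.conf"
        critical.write_text("keep")
        os.symlink(critical, results / "link.json")
        outcome = {
            "legit": delete_scan_result(results, "scan-001.json"),
            "traversal": delete_scan_result(results, "../critical.conf"),
            "absolute": delete_scan_result(results, str(critical)),
            "symlink": delete_scan_result(results, "link.json"),
        }
        outcome["critical_survives"] = critical.exists()
        return outcome
```

The resolve-then-unlink sequence is still a check-then-use pattern: where low-privileged users can write into the results directory, perform the delete relative to an opened directory descriptor instead of a path string.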
