CVE-2026-46747
Path Traversal in SINEC INS via SFTP Upload Endpoint

Publication date: 2026-06-09

Last updated on: 2026-06-09

Assigner: Siemens AG

Description
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 6). The affected application does not properly sanitize path input in the `GET /api/sftp/uploadFiles` endpoint used for directory listing. This allows path traversal through crafted input, enabling access to unintended file system locations.
Meta Information
Published: 2026-06-09
Last Modified: 2026-06-09
Generated: 2026-06-09
AI Q&A: 2026-06-09
EPSS Evaluated: N/A
Affected Vendors & Products (1 associated CPE)
Vendor    Product     Version / Range
siemens   sinec_ins   up to 1.0_sp2_update_6 (excluding)
CWE ID    Description
CWE-26    The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize "/dir/../filename" sequences that can resolve to a location outside of that directory.
Executive Summary

CVE-2026-46747 is a vulnerability in the SINEC INS application versions before V1.0 SP2 Update 6. The issue occurs because the application does not properly sanitize path input in the GET /api/sftp/uploadFiles endpoint, which is used for directory listing.

This improper sanitization allows an attacker to perform a path traversal attack by crafting input that accesses unintended file system locations outside the allowed directory structure.

The vulnerability is classified as CWE-26 (Path Traversal: '/dir/../filename').

Impact Analysis

This vulnerability could allow an authenticated remote attacker to access files outside the intended directory structure on the affected system.

Such unauthorized access to files may lead to exposure of sensitive information or system files, potentially compromising the confidentiality of data.

Detection Guidance

This vulnerability can be detected by monitoring requests to the GET /api/sftp/uploadFiles endpoint for path traversal patterns such as '../' sequences in the path input.

You can use network monitoring tools or web server logs to identify suspicious requests containing crafted input attempting directory traversal.

Example command to search for suspicious requests in web server logs (assuming logs are in access.log):

  • grep "/api/sftp/uploadFiles" access.log | grep "\.\./"

Alternatively, using a network packet capture tool like tcpdump or Wireshark, filter HTTP GET requests to the vulnerable endpoint and inspect for path traversal payloads.
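The grep above matches only a literal "../", so a percent-encoded or double-encoded traversal sequence in the query string passes it silently. The following log scanner is an added example written for this page, not tooling from Siemens or from the advisory: it decodes each request target until stable, then checks whether any path segment after the endpoint, or any query value, is exactly "..". The sample log lines and the `path` query parameter name are constructed assumptions, since the advisory does not name the parameter.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

ENDPOINT = "/api/sftp/uploadFiles"
# Request portion of a common/combined-format access log line.
LOG_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

def decode_fully(value, rounds=3):
    """Percent-decode until stable so %2e%2e%2f and double-encoded %252e forms collapse."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def has_traversal(value):
    """True when any separator-delimited segment of the decoded value is exactly '..'.
    A '..' embedded inside a filename (e.g. 'my..files') is not flagged."""
    decoded = decode_fully(value).replace("\\", "/")
    return ".." in decoded.split("/")

def flag_line(line):
    """Decoded traversal values in one log line aimed at the endpoint (path suffix or any query value)."""
    m = LOG_RE.search(line)
    if not m:
        return []
    parts = urlsplit(m.group("target"))
    path = decode_fully(parts.path)
    if not path.startswith(ENDPOINT):
        return []
    candidates = [path[len(ENDPOINT):]]
    candidates += [v for _, v in parse_qsl(parts.query, keep_blank_values=True)]
    return [decode_fully(c) for c in candidates if has_traversal(c)]

def scan(lines):
    """Return (client_ip, decoded_value) for every flagged request, in log order."""
    return [(line.split(" ", 1)[0], v) for line in lines for v in flag_line(line)]

# Constructed sample lines; the 'path' query parameter name is an assumption, not from the advisory.
SAMPLE_LOG = [
    '10.0.0.5 - - [09/Jun/2026:10:01:02 +0000] "GET /api/sftp/uploadFiles?path=/upload HTTP/1.1" 200 512',
    '10.0.0.7 - - [09/Jun/2026:10:01:09 +0000] "GET /api/sftp/uploadFiles?path=..%2F..%2Fetc HTTP/1.1" 200 2048',
    '10.0.0.7 - - [09/Jun/2026:10:01:15 +0000] "GET /api/sftp/uploadFiles?path=%252e%252e%252fconfig HTTP/1.1" 404 0',
    '10.0.0.9 - - [09/Jun/2026:10:02:00 +0000] "GET /static/app.js HTTP/1.1" 200 9000',
    '10.0.0.9 - - [09/Jun/2026:10:02:07 +0000] "GET /api/sftp/uploadFiles?path=/my..files HTTP/1.1" 200 100',
]

if __name__ == "__main__":
    for client, value in scan(SAMPLE_LOG):
        print(f"{client} traversal attempt against {ENDPOINT}: {value!r}")
```

Both flagged sample requests would be missed by the literal grep, while the benign "my..files" request is not reported.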

Mitigation Strategies

The immediate recommended step to mitigate this vulnerability is to update SINEC INS to version V1.0 SP2 Update 6 or later, where the issue is fixed.

Until the update can be applied, restrict access to the vulnerable endpoint by implementing network-level controls such as firewall rules or access control lists to limit access to trusted users only.

Additionally, monitor logs for suspicious activity targeting the /api/sftp/uploadFiles endpoint and respond accordingly.
