High severity8.8NVD Advisory· Published Oct 5, 2017· Updated May 13, 2026

CVE-2017-13996

Description

A Relative Path Traversal issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The web user interface fails to prevent access to critical files that non administrative users should not have access to, which could allow an attacker to create or modify files or execute arbitrary code.

Affected products

Loytec/Lvis 3me Firmware
cpe:2.3:o:loytec:lvis-3me_firmware:*:*:*:*:*:*:*:*
Range: <=6.1.1
N/A/Loytec Lvis 3mev5
Range: LOYTEC LVIS-3ME

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/100847nvdThird Party AdvisoryVDB Entry
ics-cert.us-cert.gov/advisories/ICSA-17-257-01nvdThird Party AdvisoryUS Government Resource

News mentions

No linked articles in our index yet.

cvss	0.572
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000