Unrated severityNVD Advisory· Published Jan 22, 2026· Updated Jan 22, 2026
CVE-2025-69612
CVE-2025-69612
Description
A path traversal vulnerability exists in TMS Management Console (version 6.3.7.27386.20250818) from TMS Global Software. The "Download Template" function in the profile dashboard does not neutralize directory traversal sequences (../) in the filePath parameter, allowing authenticated users to read arbitrary files, such as the server's Web.config.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- TMS Global Software/Management Consoledescription
- Range: = 6.3.7.27386.20250818
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.