An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to create folders in arbitrary paths of the file system.

See SEL Service Bulletin dated 2022-11-15 for more details.

Related CVEs

CVE-2023-31166

Key Information

GHSA ID

GHSA-5g6v-28xg-q6hr

Published

May 10, 2023 9:30 PM

Last Modified

April 4, 2024 4:01 AM

CVSS Score

5.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: August 1, 2025 6:44 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.