Security Advisory

Cybersecurity

As IoT adoption continues to proliferate, cybersecurity has become one of the top priorities. Aten created a vulnerability management policy to provide guidance and information to our customers in the event of a reported vulnerability. The management policy ensures that Aten's customers have steady, unambiguous resources to help them understand how Aten resolves or mitigates reported vulnerabilities.

Vulnerability Overview

2026-SA-3

ZDI-CAN-28503: ATEN Unizon uploadSSL Directory Traversal Arbitrary File Deletion Vulnerability
This vulnerability exists in the `/rest/system/ssl` endpoint which allows authenticated administrators to upload SSL certificates. The vulnerability occurs due to improper handling of user-controlled filenames in the file upload process, leading to directory traversal and arbitrary file deletion.

Solution:
ATEN has released a security update to address this vulnerability.
Fixed version: FW V2.7.264.001

Release Date: 2026/04/15

Tech Assistance

	FAQ
	Discontinued Products
	Subscribe RSS

Latest Server Room Solutions Guide is Now Available

Remote Monitoring for Mobile Testing Carts

In-Depth Product Insights

ATEN Pro Audio Series

Optimize Data Center Sustainability with ATEN PG Series eco PDUs

Podcast AI Audio Mixer - MicLIVE (UC8000) by ATEN!

ATEN ACS Online Training

ATEN FAQ Video Channel

Security Advisory

Cybersecurity

Vulnerability Overview

2026-SA-3

Tech Assistance

Where to buy

Security Advisory

Cybersecurity

Vulnerability Overview

2026-SA-3

Tech Assistance

Where to buy

Your Privacy Choices