Security Advisory

Cybersecurity

As IoT adoption continues to proliferate, cybersecurity has become one of the top priorities. Aten created a vulnerability management policy to provide guidance and information to our customers in the event of a reported vulnerability. The management policy ensures that Aten's customers have steady, unambiguous resources to help them understand how Aten resolves or mitigates reported vulnerabilities.

Vulnerability Overview

2026-SA-4

ZDI-CAN-28505: ATEN Unizon writeFileToHttpServletResponse Directory Traversal Information Disclosure Vulnerability
This vulnerability exists in the `/rest/history/report/getFile` endpoint, which allows unauthenticated users to perform directory traversal attacks to read arbitrary files from the filesystem with NT\SYSTEM privileges.

Solution:
ATEN has released a security update to address this vulnerability.
Fixed version: FW V2.7.264.001

Release Date: 2026/04/15

Tech Assistance

	FAQ
	Discontinued Products
	Subscribe RSS

Latest Server Room Solutions Guide is Now Available

Remote Monitoring for Mobile Testing Carts

In-Depth Product Insights

ATEN Pro Audio Series

Optimize Data Center Sustainability with ATEN PG Series eco PDUs

Podcast AI Audio Mixer - MicLIVE (UC8000) by ATEN!

ATEN ACS Online Training

ATEN FAQ Video Channel

Security Advisory

Cybersecurity

Vulnerability Overview

2026-SA-4

Tech Assistance

Where to buy

Security Advisory

Cybersecurity

Vulnerability Overview

2026-SA-4

Tech Assistance

Where to buy

Your Privacy Choices