CVE-2025-49153 CRITICAL

CVE-2025-49153: Path Traversal in MICROSENS NMP Web+

Vendor Microsens
Product NMP Web+
Weakness CWE-22 · Path traversal
Published June 25, 2025
Last update July 17, 2025

CVSS base score

9.3/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

The affected products could allow an unauthenticated attacker to overwrite files and execute arbitrary code.

Key dates

02Disclosure timeline

June 25, 2025 CVE published
July 17, 2025 Record updated