CVE-2025-15577

HIGH

Valmet DNA Web Tools <C2022 - Info Disclosure

Title source: llm

Description

An unauthenticated attacker can exploit this vulnerability by manipulating URL to achieve arbitrary file read access.This issue affects Valmet DNA Web Tools: C2022 and older.

References (1)

Core 1

Core References

Various Sources

https://www.valmet.com/company/innovation/advisories/CVE-2025-15577/

Scores

CVSS v3 7.5

EPSS 0.0050

EPSS Percentile 39.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-22

Status published

Products (1)

valmet/dna < 2022

Published Feb 12, 2026

Tracked Since Feb 18, 2026