Path Traversal in Schneider Electric Easylogic T150 (Formerly Saitel Dr) Remote Terminal Unit & Controller

CVE-2026-6865

CWE-22: Improper Limitation of a Pathname to a Restricted Directory (“Path Traversal”) vulnerability that could cause unauthorized access to sensitive files when user-supplied input is improperly handled during server-side file path proces…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.001 (19.3th percentile) — read the EPSS interpretation.

Affected products

Schneider Electric Easylogic T150 (Formerly Saitel Dr) Remote Terminal Unit & Controller — versions Versions 11.06.31 and prior
Schneider Electric Saitel Dp Remote Terminal Unit & Controller — versions Versions 11.06.36 and prior

Weakness classification (CWE)

CWE-22 — Path Traversal

References

cybersecurity@se.com