Directory Traversal Vulnerability in Riello UPS NetMan 208
CVE-2025-68916

9.1CRITICAL

Key Information:

Vendor: Riello
Status: Netman
Vendor: CVE Published:; 24 December 2025

What is CVE-2025-68916?

The Riello UPS NetMan 208 application prior to version 1.12 is vulnerable to directory traversal. This vulnerability allows attackers to exploit the cgi-bin/certsupload.cgi endpoint, enabling unauthorized file uploads. Successful exploitation can result in remote code execution, leading to potential compromise of the UPS management system. Proper validation and sanitization measures are crucial to mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

NetMan 208 < 208 1.12

References

https://github.com/gerico-lab/riello-multiple-vulnerabili...

CVSS V3.1

Score:

9.1

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Dec 24, 2025
Vulnerability Reserved
Dec 24, 2025

JSON

Riello

What is CVE-2025-68916?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.