CVE-2025-67115 is a path traversal vulnerability identified in the firmware of the Small Cell Sercomm SCE4255W device, specifically in the /ftl/web/setup.cgi component before firmware version DG3934v3@2308041842. The flaw exists in the handling of the log_type parameter submitted to the /logsave.htm endpoint, which fails to properly sanitize input, allowing an authenticated remote attacker to traverse the filesystem directory structure. By crafting specific values for log_type, an attacker can read arbitrary files on the device, potentially exposing sensitive information such as configuration files, credentials, or system logs. The vulnerability requires the attacker to be authenticated on the device's web interface, which limits exploitation to users with some level of access but does not require additional user interaction. No CVSS score has been assigned yet, and no public exploits have been reported. The device affected is a small cell telecommunications device used to extend cellular coverage, often deployed by network operators or enterprises. The vulnerability could be leveraged to gain intelligence on device configuration or network setup, aiding further attacks or lateral movement. The lack of input validation on a critical parameter indicates a design oversight in the firmware's web interface. The vulnerability was reserved in December 2025 and published in March 2026, indicating recent discovery and disclosure. No official patches or mitigation links are provided in the data, but upgrading to firmware DG3934v3@2308041842 or later is implied to resolve the issue.

The primary impact of CVE-2025-67115 is unauthorized disclosure of sensitive information due to arbitrary file read capability. Attackers with authenticated access can retrieve configuration files, credentials, or logs, potentially exposing network topology, user data, or administrative secrets. This can facilitate further attacks such as privilege escalation, network intrusion, or targeted exploitation of other vulnerabilities. Since the device is a small cell used in telecommunications infrastructure, compromise could affect network availability or integrity indirectly by enabling attackers to map or manipulate network components. Organizations relying on these devices for cellular coverage extension or private LTE/5G networks may face confidentiality breaches and operational risks. The requirement for authentication reduces the risk of widespread exploitation but insider threats or compromised credentials increase the danger. No known exploits in the wild currently limit immediate risk, but the vulnerability presents a significant risk if leveraged by advanced threat actors. The impact is especially critical for telecom operators, enterprises with private networks, and government agencies using these devices in sensitive environments.

1. Upgrade the affected Small Cell Sercomm SCE4255W devices to firmware version DG3934v3@2308041842 or later as soon as the patch is available from the vendor. 2. Restrict access to the device's web management interface to trusted networks and users only, using network segmentation and firewall rules. 3. Enforce strong authentication mechanisms and regularly rotate credentials to reduce the risk of unauthorized access. 4. Monitor device logs and network traffic for suspicious activity indicative of attempts to exploit the log_type parameter or unauthorized file access. 5. Disable or limit the use of the /logsave.htm endpoint if possible, or implement additional input validation and filtering at the network perimeter. 6. Conduct regular security assessments and penetration tests on deployed small cell infrastructure to identify and remediate similar vulnerabilities proactively. 7. Educate administrators on the risks of path traversal vulnerabilities and the importance of applying vendor updates promptly.