A vulnerability has been found in ZwickRoell Test Data Management up to 3.0.7 and classified as critical . This issue affects some unknown processing of the file /server/node_upgrade_srv.js . Performing a manipulation of the argument firmware results in path traversal. This vulnerability was named CVE-2026-29522 . The attack needs to be approached locally. There is no available exploit. The affected component should be upgraded.