Handler on Duty: Brad Duncan
Threat Level: green
| Published | 2026-05-01 01:16:17 |
|---|---|
| Last Modified | 2026-05-01 01:16:17 |
| AKA | CVE-2026-7519 |
| Summary | A vulnerability has been found in Fujian Apex LiveBOS up to 2.0. Impacted is an unknown function of the file /feed/UploadImage.do of the component Endpoint. Such manipulation of the argument filename leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.1 is recommended to address this issue. Upgrading the affected component is advised. |
| CVSS Score | 7.5 |
| Access Vector | Local | Adjacent | Network |
|---|---|---|---|
| Access Complexity | Low | Medium | High |
| Authentication | None | Single | Multiple |
| Confidentiality | None | Partial | Complete |
| Integrity | None | Partial | Complete |
| Availability | None | Partial | Complete |