CVE-2026-7519

HIGH CVSS 7.3 View on NVD ↗

Description

A vulnerability has been found in Fujian Apex LiveBOS up to 2.0. Impacted is an unknown function of the file /feed/UploadImage.do of the component Endpoint. Such manipulation of the argument filename leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.1 is recommended to address this issue. Upgrading the affected component is advised.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

References

https://my.feishu.cn/docx/TCyMdptvaoTQCvxkHLbceJZCnge?from=from_copylink
https://vuldb.com/submit/804096
https://vuldb.com/vuln/360333
https://vuldb.com/vuln/360333/cti

Published: May 01, 2026 01:16 UTC Modified: May 01, 2026 15:26 UTC