CyberRota Yorumu
Uzaktan istismar edilebilir olabilir.
Public Exploit Sinyali
Bu CVE için açıklama veya referanslarda public exploit / PoC / GitHub / Metasploit sinyali tespit edildi.
Tespit Edilen Sinyaller
exploit
Not: Bu bağlantılar yalnızca güvenlik araştırması ve doğrulama amacıyla listelenmiştir.
CVE
CVE-2026-40547
Severity
UNKNOWN
CVSS
N/A
EPSS
%0.45
Orijinal NVD Açıklaması
SOPlanning is vulnerable to Path Traversal in backup endpoints. Authenticated remote attacker is able to exploit a vulnerable endpoint and construct payloads that allow reading and executing files previously added through the backup functionality. Critically, due to CVE-2026-40543 (Missing Authorization), any backup file can be read by any (unauthorized) user. This issue affects SOPlanning version 1.55 and below.