3 matches found
changedetection.io <= 0.52.9 - Unauthenticated Path Traversal
changedetection.io / route, letting unauthenticated attackers read local application source files. id: CVE-2026-25527 info: name: changedetection.io / route, letting unauthenticated attackers read local application source files. impact: | Unauthenticated attackers can read local application sourc...
CVE-2026-25527
changedetection.io is a free open source web page change detection tool. In versions prior to 0.53.2, the /static// route accepts group="..", which causes sendfromdirectory"static/..", filename to execute. This moves the base directory up to /app/changedetectionio, enabling unauthenticated local...
CVE-2026-25527
Changedetection.io versions prior to 0.53.2 are vulnerable to unauthenticated local file read via path traversal in the /static// route when group=".." is supplied, potentially exposing source files (e.g., flask_app.py). Root cause: send_from_directory("static/..", filename) can escape the app di...