CVE-2026-0963

An input neutralization vulnerability in the File Operations API Endpoint component of Crafty Controller allows a remote, authenticated attacker to perform file tampering and remote code execution via path traversal...

CVE-2026-0963

The CVE-2026-0963 entry concerns Crafty Controller's File Operations API Endpoint, where an input neutralization flaw allows a remote, authenticated attacker to perform file tampering and remote code execution via path traversal. The vulnerability affects the File Operations API Endpoint componen...

CVE-2026-0963 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Crafty Controller

An input neutralization vulnerability in the File Operations API Endpoint component of Crafty Controller allows a remote, authenticated attacker to perform file tampering and remote code execution via path traversal...

PT-2026-5381

Name of the Vulnerable Software and Affected Versions Crafty Controller affected versions not specified Description An input neutralization issue exists in the File Operations API Endpoint component of Crafty Controller. A remote, authenticated attacker can exploit this to perform file tampering...