Description
The Open ISES Project 3.30A contains a path traversal vulnerability in the ajax/download.php endpoint that allows unauthenticated attackers to download arbitrary files by manipulating the filename parameter. Attackers can supply directory traversal sequences ../ in the filename parameter to access files outside the intended directory, including configuration files and system files.
Published: 2026-05-30
Score: 8.7 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The Open ISES Project 3.30A is vulnerable to a path traversal flaw in the ajax/download.php endpoint that lets anyone craft a filename parameter containing sequences such as "../" to reference files outside the intended directory. This vulnerability enables an unauthenticated attacker to download any file the web server can read, including configuration files and system files, thereby exposing sensitive data stored on the server.

Affected Systems

The flaw affects the Open ISES Project 3.30A as distributed by Openises. No additional product variants or version ranges are listed in the CVE data, and the vulnerability is attributed solely to this specific release.

Risk and Exploitability

The CVSS score of 8.7 indicates a high severity issue that can be exploited without authentication by submitting a manipulated URL to ajax/download.php. The EPSS score is not available, and the vulnerability is not present in the CISA KEV catalog. Attackers would need network access to the web application and can perform the exploit purely by sending a crafted HTTP request, making the risk real for exposed deployments.

Generated by OpenCVE AI on May 30, 2026 at 16:52 UTC.

Remediation

No vendor fix or workaround is currently provided.

OpenCVE Recommended Actions

  • Upgrade to a version of the Open ISES Project that contains the path traversal fix or install the vendor’s security patch if available.
  • Configure the web server or application to restrict the ajax/download.php endpoint to a dedicated download directory and remove any ".." or relative path components from user-supplied filenames.
  • Enforce authentication for the download functionality and apply input validation or sanitization to prevent directory traversal.
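As an added illustration (not code from the Open ISES Project or from OpenCVE), the following PHP download handler applies the three recommendations above: it requires an authenticated session, confines downloads to one dedicated directory, and rejects rather than strips any name that is not a single path component. The directory path, the `$_SESSION['authenticated']` flag and the function name are assumptions made for the example.

```php
<?php
// Added illustration, not Open ISES code. Assumes a session flag
// $_SESSION['authenticated'] and a dedicated directory /var/www/app/downloads.
declare(strict_types=1);

const DOWNLOAD_DIR = '/var/www/app/downloads';

/**
 * Resolve a user-supplied file name to an absolute path inside $baseDir.
 * Returns null when the name is not a plain file name or resolves elsewhere.
 */
function resolveDownloadPath(string $name, string $baseDir = DOWNLOAD_DIR): ?string
{
    // 1. Accept only a single path component: no "/", no "\", no NUL byte,
    //    and not "." or "..". Reject the request instead of editing the name.
    if ($name === '' || $name === '.' || $name === '..'
        || preg_match('/[\/\\\\\x00]/', $name) === 1) {
        return null;
    }
    // 2. Canonicalise both sides; realpath() resolves symlinks and "..".
    $base = realpath($baseDir);
    $path = realpath($baseDir . DIRECTORY_SEPARATOR . $name);
    if ($base === false || $path === false || !is_file($path)) {
        return null;
    }
    // 3. The resolved file must still sit directly inside the base directory.
    return dirname($path) === $base ? $path : null;
}

session_start();
if (empty($_SESSION['authenticated'])) {
    http_response_code(401);
    exit;
}

$path = resolveDownloadPath((string)($_GET['filename'] ?? ''));
if ($path === null) {
    http_response_code(404);   // same answer for "missing" and "rejected"
    exit;
}

header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="' . basename($path) . '"');
header('Content-Length: ' . (string) filesize($path));
readfile($path);
```

Logging the rejected names returned as null by resolveDownloadPath() gives a simple detection signal for traversal attempts against the endpoint.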


Tracking


Advisories

No advisories yet.

History

Sat, 30 May 2026 23:00:00 +0000

Type: First Time appeared
  Values Removed: (none)
  Values Added: Openises; Openises open Ises Project
Type: Vendors & Products
  Values Removed: (none)
  Values Added: Openises; Openises open Ises Project

Sat, 30 May 2026 15:30:00 +0000

Type: Description
  Values Added: The Open ISES Project 3.30A contains a path traversal vulnerability in the ajax/download.php endpoint that allows unauthenticated attackers to download arbitrary files by manipulating the filename parameter. Attackers can supply directory traversal sequences ../ in the filename parameter to access files outside the intended directory, including configuration files and system files.
Type: Title
  Values Added: The Open ISES Project 3.30A Path Traversal Arbitrary File Download
Type: Weaknesses
  Values Added: CWE-22
Type: References
  Values Added: (none)
Type: Metrics
  Values Added: cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}

cvssV4_0

{'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N'}


Subscriptions

Openises Open Ises Project
MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-05-30T14:55:15.687Z

Reserved: 2026-05-30T12:25:41.038Z

Link: CVE-2018-25408

Vulnrichment

No data.

NVD

Status: Received

Published: 2026-05-30T16:17:01.437

Modified: 2026-05-30T16:17:01.437

Link: CVE-2018-25408

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-30T21:17:49Z

Weaknesses