Description
EAP Legislator is vulnerable to Path Traversal in file extraction functionality. Attacker can prepare zipx archive (default file type used by the Legislator application) and choose arbitrary path outside the intended directory (e.x. system startup) where files will be extracted by the victim upon opening the file.
This issue was fixed in version 2.25a.
Published: 2026-02-02
Score: 8.6 High
EPSS: < 1% Very Low
KEV: No
Impact: Write arbitrary files outside the intended extraction directory via path traversal
Action: Immediate Patch
AI Analysis

Impact

EAP Legislator allows an attacker to craft a malicious zipx archive that, when opened by a victim, extracts files to any location outside the intended directory, such as system startup folders. This Path Traversal flaw enables the attacker to write files arbitrarily on the system, a vulnerability mapped to CWE-22, and is rated with a CVSS score of 8.6, indicating high severity.

Affected Systems

The affected system is the EAP Legislator application from ABC PRO SP. Z O.O. Versions prior to 2.25a are vulnerable, while 2.25a and later contain the fix.

Risk and Exploitability

The exploit requires the victim to open a specially crafted zipx file; the attack vector is likely opportunistic delivery such as email attachment or filesystem upload. Ephemeral EPSS score is below 1%, suggesting currently low likelihood of exploitation, and the vulnerability is not listed in CISA's KEV catalog. Nonetheless, the high CVSS score and file write capability leave the asset exposed if an attacker can deliver the archive.

Generated by OpenCVE AI on April 18, 2026 at 14:18 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade EAP Legislator to version 2.25a or later to eliminate the path traversal flaw.
  • Configure the application to disable automatic extraction of zipx archives if the feature is not required.
  • Restrict the filesystem permissions for the extraction directory to a non-privileged user and enforce read-only access for system subdirectories.

Generated by OpenCVE AI on April 18, 2026 at 14:18 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 04 Feb 2026 12:45:00 +0000

Type Values Removed Values Added
First Time appeared Abc Pro
Abc Pro eap Legislator
Vendors & Products Abc Pro
Abc Pro eap Legislator

Mon, 02 Feb 2026 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 02 Feb 2026 14:15:00 +0000

Type Values Removed Values Added
Description EAP Legislator is vulnerable to Path Traversal in file extraction functionality. Attacker can prepare zipx archive (default file type used by the Legislator application) and choose arbitrary path outside the intended directory (e.x. system startup) where files will be extracted by the victim upon opening the file. This issue was fixed in version 2.25a.
Title Path Traversal in EAP Legislator
Weaknesses CWE-22
References
Metrics cvssV4_0

{'score': 8.6, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:L/SC:L/SI:L/SA:L'}

Subscriptions

Abc Pro Eap Legislator
cve-icon MITRE

Status: PUBLISHED

Assigner: CERT-PL

Published:

Updated: 2026-02-02T17:32:58.563Z

Reserved: 2026-01-19T13:17:10.720Z

Link: CVE-2026-1186

cve-icon Vulnrichment

Updated: 2026-02-02T17:32:49.044Z

cve-icon NVD

Status : Deferred

Published: 2026-02-02T14:16:34.210

Modified: 2026-04-15T00:35:42.020

Link: CVE-2026-1186

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-18T14:30:02Z

Weaknesses