Description
A vulnerability has been found in bolo-blog bolo-solo up to 2.6.4. This impacts the function importFromCnblogs of the file src/main/java/org/b3log/solo/bolo/prop/BackupService.java of the component Filename Handler. The manipulation of the argument File leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
Published: 2026-02-03
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Remote File Access via Path Traversal
Action: Patch
AI Analysis

Impact

A vulnerability in bolo-solo up to and including version 2.6.4 allows a malicious actor to manipulate the File argument of the importFromCnblogs function in BackupService.java, producing a path traversal (CWE-22). A crafted file name can escape the directory the import is meant to operate in, so the import reads from or writes to a location of the attacker's choosing. The recorded CVSS v3.1 and v4.0 vectors rate the resulting confidentiality, integrity and availability impact as low (C:L/I:L/A:L), so the record does not support a claim of arbitrary file read or write. A proof-of-concept exploit has been published and the attack can be initiated remotely, meaning the flaw can be triggered from an external network position.

Affected Systems

The affected product is bolo-solo by bolo-blog (also catalogued under the vendor name Adlered, CPE cpe:2.3:a:adlered:bolo-solo:*:*:*:*:*:*:*:*), versions up to and including 2.6.4. Every installation without a fix that removes the path traversal is susceptible. The weakness lies in the Filename Handler component that processes backup imports from cnblogs.

Risk and Exploitability

The CVSS v4.0 base score is 5.3 (Medium); the v3.0 and v3.1 vectors score 6.3 and the v2 vector 6.5. All of them record that privileges are required (PR:L in v3.x and v4.0, Au:S in v2), so exploitation needs a low-privileged account rather than an unauthenticated request. The EPSS score below 1% reflects a low current probability of exploitation in the wild, but a public proof-of-concept exists (SSVC Exploitation: poc), which raises the practical risk; SSVC also rates the flaw as not automatable. It is not listed in the CISA KEV catalog. An attacker holding a valid login on an exposed instance needs only a crafted request that reaches importFromCnblogs.

Generated by OpenCVE AI on April 18, 2026 at 14:07 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to a release that fixes the path traversal as soon as the project publishes one; at the time of writing no vendor fix or workaround is available.
  • Until then, restrict access to the cnblogs import function with network or application-level access controls, and limit the accounts that can reach it, since the CVSS vectors require an authenticated (PR:L) user.
  • Validate user-supplied file names before use: accept a single path component, resolve it against the intended directory, canonicalise the result, and reject anything that lands outside that directory.
  • Run the application under a dedicated low-privilege account whose write access is confined to the backup/import directory, so a traversed path cannot reach other locations on the host.
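
The file-name validation recommended above, as an added example in Java (the project's language). This is not bolo-solo's code and does not reproduce BackupService.java: the directory /var/lib/bolo/import, the class SafeImportPath and both method names are assumptions made for the example. The vulnerable method shows the CWE-22 pattern of joining a caller-supplied name to a base directory unchecked; the hardened method rejects separators, checks containment after normalisation, and follows symlinks for entries that already exist.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;

public final class SafeImportPath {

    // Assumed base directory for this example; the advisory does not state
    // where bolo-solo keeps imported backups.
    static final Path IMPORT_DIR =
            Paths.get("/var/lib/bolo/import").toAbsolutePath().normalize();

    // Vulnerable pattern (CWE-22): the caller-supplied name is joined to the base
    // directory unchecked. Path.resolve() drops the base for an absolute child,
    // and "../" segments walk out of the directory once the path is normalised.
    static Path resolveVulnerable(String userFileName) {
        return IMPORT_DIR.resolve(userFileName);
    }

    // Hardened: accept a single path component only, then verify that the
    // normalised result still lies strictly inside IMPORT_DIR.
    static Path resolveHardened(String userFileName) {
        if (userFileName == null || userFileName.isEmpty()) {
            throw new IllegalArgumentException("empty file name");
        }
        // Reject separators for every platform, and NUL, which Paths.get
        // would otherwise reject with InvalidPathException.
        if (userFileName.contains("/") || userFileName.contains("\\")
                || userFileName.indexOf('\0') >= 0) {
            throw new IllegalArgumentException("file name must be a single path component");
        }
        Path candidate = IMPORT_DIR.resolve(userFileName).normalize();
        // "." and ".." pass the separator check; the containment check catches them.
        if (!candidate.startsWith(IMPORT_DIR) || candidate.equals(IMPORT_DIR)) {
            throw new IllegalArgumentException("path escapes import directory");
        }
        // normalize() is purely lexical. If the entry already exists, also follow
        // symlinks so a link planted inside IMPORT_DIR cannot point elsewhere.
        if (Files.exists(candidate)) {
            try {
                if (!candidate.toRealPath().startsWith(IMPORT_DIR.toRealPath())) {
                    throw new IllegalArgumentException("symlink escapes import directory");
                }
            } catch (IOException e) {
                throw new IllegalArgumentException("cannot resolve path", e);
            }
        }
        return candidate;
    }

    public static void main(String[] args) {
        // Constructed sample inputs: one benign name and four traversal attempts.
        String[] inputs = { "backup-2024.xml", "../../../../etc/passwd", "/etc/passwd", "..", "." };
        for (String in : inputs) {
            System.out.println("input: " + in);
            System.out.println("  vulnerable -> " + resolveVulnerable(in).normalize());
            try {
                System.out.println("  hardened   -> " + resolveHardened(in));
            } catch (IllegalArgumentException e) {
                System.out.println("  hardened   -> rejected (" + e.getMessage() + ")");
            }
        }
    }
}
```

Run it with `java SafeImportPath.java` on Java 11 or later. In the vulnerable variant both "../../../../etc/passwd" and "/etc/passwd" resolve to /etc/passwd, while the hardened variant accepts only backup-2024.xml. The real-path check matters only once a file is present; for a name that is about to be created, the lexical containment check is the one that counts, which is why both are kept.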



Advisories

No advisories yet.

History

Tue, 03 Mar 2026 00:30:00 +0000

  Type                 Values Removed   Values Added
  First Time appeared                   Adlered
                                        Adlered bolo-solo
  CPEs                                  cpe:2.3:a:adlered:bolo-solo:*:*:*:*:*:*:*:*
  Vendors & Products                    Adlered
                                        Adlered bolo-solo

Wed, 04 Feb 2026 15:15:00 +0000

  Type                 Values Removed   Values Added
  Metrics                               ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 04 Feb 2026 12:15:00 +0000

  Type                 Values Removed   Values Added
  First Time appeared                   Bolo-blog
                                        Bolo-blog bolo-solo
  Vendors & Products                    Bolo-blog
                                        Bolo-blog bolo-solo

Tue, 03 Feb 2026 23:00:00 +0000

  Type                 Values Removed   Values Added
  Description                           A vulnerability has been found in bolo-blog bolo-solo up to 2.6.4. This impacts the function importFromCnblogs of the file src/main/java/org/b3log/solo/bolo/prop/BackupService.java of the component Filename Handler. The manipulation of the argument File leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
  Title                                 bolo-blog bolo-solo Filename BackupService.java importFromCnblogs path traversal
  Weaknesses                            CWE-22
  References
  Metrics                               cvssV2_0: {'score': 6.5, 'vector': 'AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}
                                        cvssV3_0: {'score': 6.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}
                                        cvssV3_1: {'score': 6.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}
                                        cvssV4_0: {'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-02-23T09:15:58.665Z

Reserved: 2026-02-03T14:03:56.109Z

Link: CVE-2026-1812

Vulnrichment

Updated: 2026-02-04T14:30:54.161Z

NVD

Status : Analyzed

Published: 2026-02-03T23:16:06.803

Modified: 2026-04-29T01:00:01.613

Link: CVE-2026-1812

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T14:15:04Z

Weaknesses