Description
An arbitrary file write vulnerability exists in Casdoor's Local File System storage provider. Due to insufficient path sanitization, an authenticated attacker with administrative privileges can perform a Path Traversal attack to create or overwrite arbitrary files anywhere on the host filesystem, bypassing the application's intended storage sandbox.
Published: 2026-05-11
Score: n/a
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

An authenticated attacker with administrative privileges can use insufficient path sanitization in Casdoor’s Local File System storage provider to perform a path traversal, enabling the creation or overwriting of arbitrary files on the host filesystem. This flaw compromises the intended sandbox, potentially allowing modification of critical application files or insertion of malicious content. The primary impact is privilege escalation, leading to integrity and confidentiality violations.

Affected Systems

The affected product is Casdoor (vendor Casdoor), specifically deployments that use the Local File System storage provider. No specific version information is provided, so all installations that use this storage provider are potentially vulnerable until a patch is released. Administrators should verify whether their deployment includes the affected component.

Risk and Exploitability

The vulnerability requires authentication and administrative rights, which limits the attack surface to users who have legitimate access to the system. No CVSS or EPSS score is available, and the flaw is not listed in CISA KEV. Nevertheless, the ability to write arbitrary files could lead to code execution or data tampering if exploited. Until a fix is issued, the risk is considered high for environments where administrative credentials are accessible or where the component is exposed to potentially compromised users.

Generated by OpenCVE AI on May 11, 2026 at 16:52 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the vendor-provided patch or upgrade to the latest Casdoor release that addresses the path traversal in the Local File System storage provider.
  • If a patch is not yet available, restrict administrative privileges and enforce least privilege, ensuring only trusted users have access to the component.
  • Consider disabling the Local File System storage provider or switching to a sandboxed storage solution if the feature is not required.

Generated by OpenCVE AI on May 11, 2026 at 16:52 UTC.
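The recommendations above address the bug class at the deployment level; the root cause is a storage provider that joins a caller-influenced object name onto its root directory without checking that the result stays inside it. The following Go helper is an added illustration of that check (it is not Casdoor's code and not part of the OpenCVE record): `SafeJoin` resolves a key under a hypothetical storage root and rejects absolute keys and any path that climbs out of the root, and `WriteObject` shows the create-or-overwrite operation confined to that root.

```go
package main

import (
	"errors"
	"os"
	"path/filepath"
	"strings"
)

// ErrOutsideRoot is returned when a key resolves outside the storage root.
var ErrOutsideRoot = errors.New("object key resolves outside the storage root")

// SafeJoin resolves key inside root and refuses any result that escapes it.
// root is the deployer-chosen storage directory (hypothetical name); key is
// the caller-influenced object name, e.g. a file name taken from an upload.
func SafeJoin(root, key string) (string, error) {
	absRoot, err := filepath.Abs(root)
	if err != nil {
		return "", err
	}
	// An absolute key must never be treated as relative to root.
	if filepath.IsAbs(key) {
		return "", ErrOutsideRoot
	}
	// Join cleans the result, so ".." segments are collapsed; a traversal
	// then shows up as a relative path from root that begins with "..".
	target := filepath.Join(absRoot, filepath.FromSlash(key))
	rel, err := filepath.Rel(absRoot, target)
	if err != nil {
		return "", err
	}
	if rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrOutsideRoot
	}
	return target, nil
}

// WriteObject creates or overwrites key under root, creating parent
// directories only inside root.
func WriteObject(root, key string, data []byte) error {
	target, err := SafeJoin(root, key)
	if err != nil {
		return err
	}
	if err := os.MkdirAll(filepath.Dir(target), 0o750); err != nil {
		return err
	}
	return os.WriteFile(target, data, 0o640)
}
```

Symlinks already present inside the root are not resolved by this check; if the storage directory may contain links, run `filepath.EvalSymlinks` on the target and repeat the `Rel` comparison before writing.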

Advisories

No advisories yet.

History

Tue, 12 May 2026 10:45:00 +0000

Type                | Values Removed | Values Added
First Time appeared |                | Casdoor; Casdoor casdoor
Vendors & Products  |                | Casdoor; Casdoor casdoor

Mon, 11 May 2026 18:30:00 +0000

Type       | Values Removed | Values Added
References |                |

Mon, 11 May 2026 17:15:00 +0000

Type       | Values Removed | Values Added
Weaknesses |                | CWE-20; CWE-22

Mon, 11 May 2026 15:30:00 +0000

Type        | Values Removed | Values Added
Description |                | An arbitrary file write vulnerability exists in Casdoor's Local File System storage provider. Due to insufficient path sanitization, an authenticated attacker with administrative privileges can perform a Path Traversal attack to create or overwrite arbitrary files anywhere on the host filesystem, bypassing the application's intended storage sandbox.
Title       |                | CVE-2026-6815
References  |                |

MITRE

Status: PUBLISHED

Assigner: certcc

Published:

Updated: 2026-05-11T16:53:24.656Z

Reserved: 2026-04-21T18:50:35.842Z

Link: CVE-2026-6815

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-05-11T16:17:37.257

Modified: 2026-05-12T16:47:47.137

Link: CVE-2026-6815

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-12T09:23:08Z

Weaknesses