CVE-2026-24469
Unknown Unknown - Not Provided
Path Traversal in C++ HTTP Server Allows Arbitrary File Read

Publication date: 2026-01-24

Last updated on: 2026-01-24

Assigner: GitHub, Inc.

Description
C++ HTTP Server is an HTTP/1.1 server built to handle client connections and serve HTTP requests. Versions 1.0 and below are vulnerable to Path Traversal via the RequestHandler::handleRequest method. This flaw allows an unauthenticated, remote attacker to read arbitrary files from the server's filesystem by crafting a malicious HTTP GET request containing ../ sequences. The application fails to sanitize the filename variable derived from the user-controlled URL path, directly concatenating it to the files_directory base path and enabling traversal outside the intended root. No patch was available at the time of publication.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-24
Last Modified
2026-01-24
Generated
2026-06-16
AI Q&A
2026-01-24
EPSS Evaluated
2026-06-15
NVD
CVE-2026-24469
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
frustratedproton http-server to 1.0 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-22 The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a Path Traversal flaw in the C++ HTTP Server's RequestHandler::handleRequest method. It occurs because the server takes a filename from the URL path without sanitizing it and directly concatenates it to the base files directory path. An attacker can exploit this by sending a crafted HTTP GET request containing '../' sequences, allowing them to access files outside the intended directory on the server's filesystem without authentication. [1]

Impact Analysis

This vulnerability can allow an unauthenticated remote attacker to read arbitrary files on the server's filesystem. This leads to a high impact on confidentiality as sensitive files could be exposed. However, it does not affect the integrity or availability of the server. The attacker can gain access to files that should be restricted, potentially leaking sensitive information. [1]

Detection Guidance

This vulnerability can be detected by monitoring HTTP GET requests to the server for suspicious path traversal patterns such as '../' sequences in the URL path, especially requests starting with '/files/'. For example, you can use network traffic analysis tools like tcpdump or Wireshark to capture HTTP requests and filter for those containing '../'. A simple command to capture such requests using tcpdump might be: tcpdump -A -s 0 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' | grep '../'. Additionally, reviewing server logs for GET requests with '../' in the path (e.g., grep '../' access.log) can help detect exploitation attempts. [1]

Mitigation Strategies

Immediate mitigation steps include implementing input sanitization to reject any HTTP request paths containing '..' sequences to prevent directory traversal. Additionally, canonicalize and validate requested paths using absolute path resolution to ensure the requested file resides within the intended files_directory. Since no patch was available at the time of publication, blocking or filtering suspicious requests at the network or web server level (e.g., using a web application firewall to block requests with '../' in the URL) can help reduce risk. Ultimately, updating the application code to include path validation as suggested (using C++17 std::filesystem to check paths) is necessary for a proper fix. [1]

Compliance Impact

This vulnerability allows an unauthenticated remote attacker to read arbitrary files on the server filesystem, leading to a high confidentiality loss. Such unauthorized data exposure can result in non-compliance with data protection standards and regulations like GDPR and HIPAA, which require safeguarding sensitive information against unauthorized access. Therefore, the vulnerability negatively impacts compliance by risking unauthorized disclosure of protected data. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-24469. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart