CVE-2026-5014
Path Traversal in elecV2 Wildcard Handler Enables Remote Exploit
Publication date: 2026-03-28
Last updated on: 2026-03-28
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| elecv2 | elecv2p | to 3.8.3 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-22 | The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the elecV2 elecV2P software up to version 3.8.3, specifically in the function path.join within the /log/ directory of the Wildcard Handler component. It allows an attacker to perform a path traversal attack by manipulating the path.join function. This means an attacker can potentially access files and directories outside the intended scope by crafting malicious input. The attack can be executed remotely, and a public exploit is available.
How can this vulnerability impact me? :
The vulnerability can lead to unauthorized access to files and directories on the affected system due to path traversal. This can expose sensitive information stored outside the intended directories. Since the attack can be performed remotely without authentication, it increases the risk of data exposure or leakage.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability allows unauthenticated remote attackers to perform path traversal and read arbitrary files on the server, including sensitive system files. This unauthorized access to potentially sensitive data could lead to violations of data protection regulations such as GDPR and HIPAA, which require strict controls on access to personal and sensitive information.
Since the vulnerability exposes server files without authentication or validation, it increases the risk of data breaches and unauthorized disclosure, which are critical compliance concerns under these standards.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by attempting to access the vulnerable `/log/*` endpoint with crafted path traversal sequences to see if arbitrary files can be read without authentication.
A common detection method is to send HTTP GET requests with URL-encoded directory traversal payloads targeting sensitive files such as `/etc/passwd`.
- Use curl to test the vulnerability by requesting a file outside the intended directory, for example: curl -i "http://<target>/log/.%2E/.%2E/.%2E/.%2E/etc/passwd"
- Use a Python script or HTTP client to send a GET request to the `/log/*` endpoint with multiple `.%2E/` sequences to verify if the server returns the contents of arbitrary files.
- Monitor network traffic for unusual requests to `/log/*` endpoints containing encoded traversal sequences such as `%2E%2E` or `.%2E`.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting access to the vulnerable `/log/*` and `/logs` endpoints to trusted users only, ideally requiring authentication.
Implement input validation and sanitization on the filename parameter to prevent directory traversal sequences from being processed by the `path.join` function.
If possible, apply patches or updates from the vendor once available, or temporarily disable the vulnerable endpoints to prevent exploitation.
- Configure web application firewalls (WAF) or intrusion detection systems (IDS) to block requests containing suspicious path traversal patterns.
- Review server logs for any suspicious access attempts to the `/log/*` endpoint and respond accordingly.