CVE-2026-40027
Path Traversal in ALEAPP NQ_Vault.py Enables Arbitrary File Write
Publication date: 2026-04-08
Last updated on: 2026-04-08
Assigner: VulnCheck
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| aleapp | aleapp | through 3.4.0 (inclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-22 | The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in ALEAPP (Android Logs Events And Protobuf Parser) through version 3.4.0, in the NQ_Vault.py artifact parser. The parser reads file_name_from values from the NQ Vault database contained in the extraction it is processing and uses them directly as output filenames. Because those values come from the evidence itself, an attacker who controls the extraction can supply a path traversal payload (e.g. ../../../outside_written.bin) and the parser will write the corresponding file outside the intended report output directory (CWE-22).
By exploiting this, an attacker can write files to attacker-chosen locations outside that directory on the system running ALEAPP, potentially overwriting executable or configuration files.
How can this vulnerability impact me?
The vulnerability allows files to be written outside the intended report directory, which may let an attacker overwrite critical executable or configuration files on the machine running ALEAPP. That can lead to code execution, compromising the security and integrity of the affected system.
Because the malicious values live in the evidence database, the exposure arises whenever an analyst processes an untrusted extraction with an affected version. A practical check after a run is to confirm that nothing was written outside the chosen output folder, and any name taken from evidence should be reduced to a single path component and verified to resolve inside the report directory before it is used.