CVE-2026-7398
Path Traversal in BioinfoMCP Upload Endpoint
Publication date: 2026-04-29
Last updated on: 2026-04-29
Assigner: VulDB
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| florensiawidjaja | bioinfomcp | to 7ada7918b9e515604d3c0ae264d3a9af10bf6e54 (inc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-22 | The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. |
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The vulnerability allows arbitrary file write through path traversal in the upload endpoint, leading to high integrity risk and potential workflow poisoning.
Such a vulnerability could impact compliance with standards like GDPR and HIPAA by undermining data integrity and potentially enabling unauthorized modification or corruption of sensitive data or system files.
However, the provided information does not explicitly discuss compliance implications or specific regulatory impacts.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for unusual file uploads to the /upload endpoint of the BioinfoMCP platform, especially those containing directory traversal sequences or absolute paths in the filename field.
A practical way to test for this vulnerability is to attempt a crafted file upload using a command like curl that sets the filename to an absolute path or includes directory traversal characters.
Example command to test the vulnerability:
- curl -v -F "[email protected];filename=/tmp/bioinfomcp_poc.pdf" http://<target-host>/upload
If the file is written outside the intended uploads directory (e.g., /tmp), it indicates the presence of the path traversal vulnerability.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting access to the BioinfoMCP platform to trusted users only, preventing untrusted users from accessing the upload endpoint.
Additionally, sanitize the filename input by stripping directory separators or using server-generated filenames to avoid path traversal.
Implementing filename sanitization functions such as werkzeug.utils.secure_filename() is recommended to ensure uploaded files are stored safely.
Also, consider adding regression tests to detect path traversal payloads and monitor file writes to detect suspicious activity.
Can you explain this vulnerability to me?
CVE-2026-7398 is an arbitrary file write vulnerability in the BioinfoMCP platform's upload endpoint. It occurs because the application does not properly sanitize the filename provided in a multipart upload request. Attackers can manipulate the filename argument to include absolute paths or directory traversal sequences, allowing them to write files outside the intended uploads directory.
This vulnerability enables an attacker with network access to the BioinfoMCP web platform to upload files to arbitrary locations on the server, potentially overwriting or creating files that can affect the application's workflow.
The issue arises because the malicious file path is later used by a script within the application, increasing the risk of workflow poisoning or other integrity impacts.
How can this vulnerability impact me?
This vulnerability primarily impacts the integrity and availability of the system. An attacker can write arbitrary files to the server, potentially overwriting important files or injecting malicious files into the application's workflow.
- Low confidentiality risk since the vulnerability allows writing files but not reading sensitive data.
- High integrity risk due to the ability to create or overwrite files arbitrarily.
- Medium availability risk as the attacker could corrupt files or disrupt workflows, causing denial of service or malfunction.
Exploitation requires network access to the upload endpoint and write permissions on the server for the targeted file paths.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for unusual file uploads to the /upload endpoint of the BioinfoMCP platform, especially those containing directory traversal sequences or absolute paths in the filename field.
A practical way to test for the vulnerability is to attempt a crafted file upload using a command like curl that sets the filename to an absolute path or includes directory traversal characters.
For example, the following curl command demonstrates the exploit by uploading a file with a filename set to an absolute path, which if successful indicates the vulnerability is present:
- curl -v -F "[email protected];filename=/tmp/bioinfomcp_poc.pdf" http://<target-host>/upload
Network monitoring tools can also be configured to detect multipart upload requests with suspicious filename parameters that include directory traversal sequences or absolute paths.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting access to the BioinfoMCP platform's upload endpoint to trusted users only, thereby reducing the risk of exploitation by untrusted parties.
Additionally, sanitizing the filename parameter by stripping directory separators or using server-generated filenames can prevent path traversal attacks.
Implementing filename sanitization functions such as werkzeug.utils.secure_filename() is recommended to ensure uploaded filenames do not contain malicious path components.
Further steps include storing uploaded files under randomized or controlled names and adding regression tests to detect path traversal payloads during development.
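As an added, defensive illustration of the mitigations listed above (not code from the BioinfoMCP project): an upload-path resolver that refuses multipart filenames carrying any path component, reduces the remainder to a safe basename using a standard-library stand-in for werkzeug.utils.secure_filename() (which the advisory recommends), optionally substitutes a server-generated name, and verifies containment in the upload directory as a second layer. The directory /srv/uploads and the candidate filenames are constructed placeholders; regression_results() is the hook a regression test would call.

```python
import os
import re
import secrets

# Lexical detector for the patterns the advisory describes: an absolute
# path, a Windows drive letter, any separator, a bare ".." or a NUL byte.
_SUSPICIOUS = re.compile(r"^[A-Za-z]:|[/\\]|^\.\.$|\x00")
# Conservative character set, mirroring secure_filename()'s approach.
_UNSAFE_CHARS = re.compile(r"[^A-Za-z0-9_.-]")


def looks_like_traversal(client_filename: str) -> bool:
    """True if the multipart filename carries path components at all."""
    return bool(_SUSPICIOUS.search(client_filename))


def sanitize_filename(client_filename: str) -> str:
    """Reduce to a bare, non-hidden basename; raise if nothing usable remains."""
    name = client_filename.replace("\\", "/").rsplit("/", 1)[-1]
    name = _UNSAFE_CHARS.sub("_", name).strip("._")
    if not name:
        raise ValueError("filename has no usable characters")
    return name


def resolve_upload_path(upload_dir: str, client_filename: str,
                        server_named: bool = False) -> str:
    """Absolute target path strictly inside upload_dir, or ValueError."""
    if looks_like_traversal(client_filename):
        # Fail closed: a normal browser upload never sends a directory.
        raise ValueError("rejected path components in filename")
    root = os.path.realpath(upload_dir)
    name = sanitize_filename(client_filename)
    if server_named:
        # Keep only the extension; the stored name is chosen by the server.
        name = secrets.token_hex(16) + os.path.splitext(name)[1]
    target = os.path.realpath(os.path.join(root, name))
    # Containment check independent of the sanitiser above.
    if os.path.commonpath([root, target]) != root or target == root:
        raise ValueError("resolved path escapes upload directory")
    return target


def regression_results(upload_dir: str, candidates: list) -> dict:
    """Map each candidate filename to True (stored) or False (rejected)."""
    results = {}
    for name in candidates:
        try:
            resolve_upload_path(upload_dir, name)
            results[name] = True
        except ValueError:
            results[name] = False
    return results
```

Rejected names are the ones worth logging and alerting on, since they are exactly the filename patterns the detection guidance above describes.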
Can you explain this vulnerability to me?
This vulnerability exists in the Upload function of the bioinfo_mcp_platform/app.py file in florensiawidjaja BioinfoMCP. It involves manipulation of the argument 'Name' which leads to a path traversal issue. This means an attacker can remotely exploit this flaw to access files and directories outside the intended upload directory.
How can this vulnerability impact me?
The vulnerability allows remote attackers to perform path traversal attacks, potentially accessing or modifying files outside the designated upload area. This can lead to unauthorized disclosure, modification, or deletion of sensitive data, compromising the integrity and confidentiality of the system.