CVE-2026-43616
Analyzed Analyzed - Analysis Complete
Path Traversal in Detect-It-Easy Prior to 3.21

Publication date: 2026-05-04

Last updated on: 2026-05-29

Assigner: VulnCheck

Description
Detect-It-Easy prior to 3.21 contains a path traversal vulnerability that allows attackers to write arbitrary files to the filesystem by crafting malicious archive entries with relative traversal sequences or absolute paths. Attackers can exploit insufficient path normalization during archive extraction to write files outside the intended extraction directory and achieve persistent code execution by overwriting user startup scripts.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-04
Last Modified
2026-05-29
Generated
2026-06-16
AI Q&A
2026-05-05
EPSS Evaluated
2026-06-15
NVD
CVE-2026-43616
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
horsicq detect-it-easy to 3.21 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-23 The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

Detect-It-Easy versions prior to 3.21 have a path traversal vulnerability. This means that attackers can craft malicious archive entries containing relative traversal sequences or absolute paths. When these archives are extracted, the software does not properly normalize the paths, allowing files to be written outside the intended extraction directory.

By exploiting this flaw, attackers can write arbitrary files anywhere on the filesystem, including overwriting user startup scripts, which can lead to persistent code execution.

Impact Analysis

This vulnerability can allow an attacker to write arbitrary files to your filesystem outside of the intended extraction directory. This can lead to unauthorized modification or creation of files.

Specifically, attackers can overwrite user startup scripts, which may result in persistent code execution. This means malicious code could run automatically when the user logs in, potentially compromising the system's security and integrity.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-43616. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart