CVE-2026-8215
Path Traversal in IAS Canias ERP 8.03
Publication date: 2026-05-10
Last updated on: 2026-05-10
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| industrial_application_software | canias_erp | 8.03 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-22 | The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Industrial Application Software IAS Canias ERP version 8.03, specifically in the function iasRequestFileEvent of the RMI Interface component.
It involves manipulation of the argument m_strSourceFileName, which causes a path traversal vulnerability. This means an attacker can remotely manipulate the file path to access files outside the intended directory.
The vulnerability can be exploited remotely without authentication, allowing an attacker to read arbitrary files on the server by sending specially crafted requests.
How can this vulnerability impact me? :
This vulnerability allows an attacker to remotely access and read arbitrary files on the affected CaniasERP server without any authentication.
Such unauthorized file access can lead to exposure of sensitive information stored on the server, including configuration files, credentials, or other confidential data.
The exploit has been publicly disclosed and can be used by attackers to compromise the confidentiality of your system's data.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by attempting to connect to the CaniasERP server's RMI interface on port 27499 and issuing a file transfer request that manipulates the file path argument to access arbitrary files without authentication.
A practical detection method involves using a Java program similar to the provided FileTransfer.java exploit, which connects to the remote registry named "11000000S2OUT" and requests files by specifying paths such as "C:\Windows\win.ini".
If you want to manually check for the vulnerability, you can attempt to connect to the server's RMI port (27499) and invoke the iasRequestFileEvent function with manipulated file path arguments to see if arbitrary files can be retrieved without authentication.
- Use a Java RMI client to connect to the server on port 27499.
- Invoke the remote method "iasRequestFileEvent" with a crafted file path argument to test for path traversal.
- Check if files like "C:\Windows\win.ini" or other sensitive files can be read.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps are not explicitly detailed in the provided resources.
However, general best practices include restricting network access to the CaniasERP RMI port (27499) to trusted hosts only, implementing network-level filtering or firewall rules to block unauthorized access, and monitoring for suspicious RMI traffic.
Since the vendor has not responded or provided a patch, consider disabling or restricting the vulnerable iasRequestFileEvent functionality if possible, or isolating the affected system until a fix is available.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
This vulnerability allows unauthenticated remote attackers to perform path traversal and read arbitrary files on the affected Industrial Application Software IAS Canias ERP 8.03 server. Such unauthorized access to files can lead to exposure of sensitive or personal data stored on the server.
Exposure of sensitive or personal data due to this vulnerability could result in non-compliance with data protection regulations such as GDPR or HIPAA, which require strict controls over access to personal and protected health information.
Therefore, exploitation of this vulnerability may compromise the confidentiality of regulated data, potentially leading to violations of these common standards and regulations.