CVE-2026-11419
Path Traversal in Altium Enterprise Server Vault Service
Publication date: 2026-06-05
Last updated on: 2026-06-05
Assigner: Altium
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| altium | enterprise_server | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-22 | The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. |
| CWE-434 | The product allows the upload or transfer of dangerous file types that are automatically processed within its environment. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a path traversal issue in the Altium Enterprise Server Vault Service UploadController. It occurs because the service does not properly validate a user-controlled path component in image upload requests.
An authenticated user can provide a specially crafted absolute path that bypasses the configured storage root, allowing them to write arbitrary files anywhere on the server filesystem where the service account has write permissions.
How can this vulnerability impact me? :
This vulnerability can have severe impacts including remote code execution, service takeover, or denial of service.
Because the attacker can write files to web-accessible directories or overwrite application binaries or configuration files, they can escalate their privileges or disrupt the service.
Note that Altium 365 cloud deployments are not affected due to architectural differences and endpoint inaccessibility.