CVE-2026-36500
Directory Traversal in Controller v12.0.5
Publication date: 2026-06-05
Last updated on: 2026-06-05
Assigner: MITRE
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| opendaylight | controller | 12.0.5 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN | |
AI Powered Q&A
Can you explain this vulnerability to me?
The CVE-2026-36500 vulnerability affects the OpenDaylight (ODL) Controller version 12.0.5, specifically in the cluster-admin:backup-datastore component.
It is a path traversal vulnerability that can be exploited remotely via a crafted RESTCONF HTTP POST request.
This flaw allows attackers to write arbitrary files to any location accessible by the ODL process by manipulating the file-path parameter.
The issue arises because the file-path parameter is not properly validated or restricted to a permitted base directory.
How can this vulnerability impact me?
This vulnerability can allow an attacker to write arbitrary files anywhere the OpenDaylight process has access.
Such unauthorized file writes can lead to system compromise, including the possibility of executing malicious code, altering configurations, or disrupting normal operations.
Because the exploit is remote and can be triggered via a crafted HTTP POST request, it increases the risk of unauthorized access and control over the affected system.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
The CVE-2026-36500 vulnerability can be detected by monitoring for crafted RESTCONF HTTP POST requests targeting the cluster-admin:backup-datastore component of the OpenDaylight Controller version 12.0.5. These requests attempt directory traversal by manipulating the file-path parameter to write arbitrary files.
Detection can involve inspecting HTTP POST requests for suspicious file-path parameters that resolve outside the permitted base directory.
Specific commands are not provided in the available resources, but network monitoring tools or web application firewalls (WAFs) can be configured to log and alert on RESTCONF POST requests containing path traversal patterns such as '../' sequences.
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to apply input validation and restrict the file-path parameter to a permitted base directory, rejecting any paths that resolve outside this directory.
Since the vulnerability allows arbitrary file writes via crafted requests, ensure that your OpenDaylight Controller is updated to a version where this issue is fixed, or apply patches that enforce this validation.
Additionally, monitor and block suspicious RESTCONF HTTP POST requests that attempt directory traversal patterns until the fix is applied.
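The detection and mitigation answers above both come down to one check: canonicalise the file-path value and accept it only if it still resolves under the permitted base directory. The following is an added example in Python; it is not OpenDaylight code and does not come from this page. The base directory, the `/rests/operations/` URI prefix, and the log line layout are assumptions. It shows the check as a hardened path handler and then reuses it to scan constructed request log lines, which flags percent-encoded and absolute-path variants that a literal '../' substring match would miss.

```python
"""Added example (not OpenDaylight code): a base-directory containment check for a
file-path value, plus a log scan that flags backup-datastore POSTs whose path escapes it."""
import posixpath
import re
from typing import Dict, List, Optional
from urllib.parse import unquote

# Assumptions (not from the advisory): the permitted base directory and the
# RFC 8040-style RESTCONF operations URI under which the RPC is invoked.
PERMITTED_BASE = "/var/lib/opendaylight/backups"
BACKUP_RPC = "cluster-admin:backup-datastore"


def resolve_within_base(file_path: str, base: str = PERMITTED_BASE) -> Optional[str]:
    """Canonicalise file_path against base; return it only if it stays inside base.

    Percent-encoding is decoded first so '%2e%2e%2f' is treated the same as '../'.
    A relative value is joined to base; an absolute value is checked as given, so an
    absolute path outside base is rejected rather than silently re-rooted under base.
    The trailing '/' in the prefix test stops '/backups2/...' passing as '/backups/...'.
    """
    decoded = unquote(file_path)
    candidate = decoded if decoded.startswith("/") else posixpath.join(base, decoded)
    canonical = posixpath.normpath(candidate)
    base_norm = posixpath.normpath(base)
    if canonical == base_norm or canonical.startswith(base_norm + "/"):
        return canonical
    return None


def backup_target_path(file_path: str, base: str = PERMITTED_BASE) -> str:
    """Hardened form of the handler's path handling: refuse anything outside base,
    and refuse the base directory itself since it is not a writable backup file."""
    target = resolve_within_base(file_path, base)
    if target is None or target == posixpath.normpath(base):
        raise ValueError(f"file-path rejected: resolves outside {base}")
    return target


# Constructed access-log lines for illustration (not real controller or proxy output).
# They assume a reverse proxy or WAF that appends the request's file-path field in the
# last quoted column; the advisory itself gives no log format.
SAMPLE_LOG = """\
10.0.0.5 - - [05/Jun/2026:10:00:01 +0000] "POST /rests/operations/cluster-admin:backup-datastore HTTP/1.1" 200 "file-path=nightly.bin"
10.0.0.7 - - [05/Jun/2026:10:00:09 +0000] "POST /rests/operations/cluster-admin:backup-datastore HTTP/1.1" 200 "file-path=../../../../tmp/x"
10.0.0.9 - - [05/Jun/2026:10:00:12 +0000] "POST /rests/operations/cluster-admin:backup-datastore HTTP/1.1" 200 "file-path=%2e%2e%2f%2e%2e%2fetc%2fx"
10.0.0.9 - - [05/Jun/2026:10:00:15 +0000] "POST /rests/operations/cluster-admin:backup-datastore HTTP/1.1" 200 "file-path=/etc/x"
10.0.0.5 - - [05/Jun/2026:10:00:20 +0000] "GET /rests/data/network-topology:network-topology HTTP/1.1" 200 "-"
"""

LOG_RE = re.compile(
    r'^(?P<src>\S+) .*?"(?P<method>[A-Z]+) (?P<uri>\S+) HTTP/[\d.]+" \d{3} "(?P<body>[^"]*)"$'
)


def flag_traversal_requests(log_text: str, base: str = PERMITTED_BASE) -> List[Dict[str, str]]:
    """Return one finding per backup-datastore POST whose file-path escapes base.

    Deciding on the resolved path rather than on the literal '../' substring also
    catches percent-encoded and absolute-path variants.
    """
    findings = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m or m["method"] != "POST" or not m["uri"].endswith("/" + BACKUP_RPC):
            continue
        body = m["body"]
        if not body.startswith("file-path="):
            continue
        raw = body[len("file-path="):]
        if resolve_within_base(raw, base) is None:
            findings.append({"src": m["src"], "file_path": raw, "decoded": unquote(raw)})
    return findings


if __name__ == "__main__":
    for f in flag_traversal_requests(SAMPLE_LOG):
        print(f"ALERT src={f['src']} file-path={f['file_path']!r} decoded={f['decoded']!r}")
```

`posixpath.normpath` is used instead of `os.path.realpath` so the example runs offline without touching the filesystem; in a real handler, resolving symlinks with `realpath` before the prefix test is the stronger choice, since a symlink inside the base directory can otherwise point outside it.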
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The provided information does not include any details about how the CVE-2026-36500 vulnerability impacts compliance with common standards and regulations such as GDPR or HIPAA.