CVE-2026-50869
Deferred Deferred - Pending Action

Directory Traversal in Bludit CMS

Vulnerability report for CVE-2026-50869, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-15

Last updated on: 2026-06-16

Assigner: MITRE

Description

An issue in the api/plugin.php component of Bludit v3.19.0 allows attackers to execute a directory traversal via supplying a crafted request.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-15
Last Modified
2026-06-16
Generated
2026-07-06
AI Q&A
2026-06-15
EPSS Evaluated
2026-07-04
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
bludit bludit 3.19.0

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-22 The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2026-50869 is a vulnerability in Bludit version 3.19.0 that allows an authenticated administrator to perform a directory traversal attack via the API.

The issue occurs in the uploadFile() function in bl-plugins/api/plugin.php, where the filename from the uploaded file is used directly to build the destination path without proper validation or normalization.

This allows an attacker to include path traversal sequences (like ../../../../.htaccess) in the filename, enabling them to upload files outside the intended upload directory.

Impact Analysis

The vulnerability allows an attacker with administrator API access to write files to arbitrary locations on the filesystem.

If the uploaded files are interpreted by the webserver or PHP runtime (for example, .htaccess or .user.ini files), this could lead to altered request handling or even remote code execution.

If such interpretation does not occur, the impact is limited to loss of filesystem integrity due to unauthorized file writes.

Detection Guidance

This vulnerability can be detected by monitoring for suspicious file upload requests to the Bludit API, specifically targeting the api/plugin.php endpoint with filenames containing directory traversal sequences such as "../../".

A practical detection method involves inspecting web server logs or capturing network traffic for multipart upload requests where the filename parameter includes path traversal patterns.

For example, you can use the following command to search web server access logs for suspicious upload attempts:

  • grep -E 'POST .*api/plugin.php' /var/log/apache2/access.log | grep -E '\.\./|\.\.\\'

Additionally, you can use tools like tcpdump or Wireshark to capture HTTP POST requests and filter for filenames containing traversal sequences.

Mitigation Strategies

Immediate mitigation steps include restricting access to the Bludit API to trusted administrators only, ensuring strong authentication is enforced.

Additionally, you should implement input validation and sanitization on the filename parameter to prevent directory traversal sequences from being processed.

If possible, apply patches or updates from the Bludit project that address this vulnerability.

As a temporary workaround, you can monitor and block upload requests with suspicious filenames and restrict write permissions on critical directories to prevent unauthorized file writes.

Compliance Impact

CVE-2026-50869 allows an authenticated administrator to perform a path traversal attack by uploading files with manipulated filenames, potentially writing unauthorized files such as .htaccess or .user.ini to critical locations. This unauthorized file write can lead to alteration of request handling or PHP code execution, impacting filesystem integrity.

Such unauthorized file writes and potential code execution could lead to unauthorized access or modification of sensitive data, which may violate data protection requirements under standards like GDPR or HIPAA. Therefore, this vulnerability could negatively affect compliance by exposing systems to risks of data breaches or unauthorized data manipulation.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-50869. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart