CVE-2026-23537

Feast Feature Server Path Traversal Vulnerability

Vulnerability report for CVE-2026-23537, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-01

Last updated on: 2026-07-01

Assigner: Red Hat, Inc.

Description

A vulnerability has been identified in the Feast Feature Server’s `/save-document` endpoint that allows an unauthenticated remote attacker to write arbitrary JSON files to the server's filesystem. Although the system attempts to restrict file locations, these protections can be bypassed, enabling an attacker to overwrite vital application configurations or startup scripts. Because this flaw requires no credentials or special privileges, any attacker with network access to the server can potentially compromise the integrity of the system. This could lead to unauthorized system modifications, denial of service through disk exhaustion, or potential remote code execution.
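The description says the server's attempt to restrict where documents are written can be bypassed. The check below, added here as an illustration and not taken from the Feast code base, shows the shape of a containment test that does not fail that way: both the document directory and the requested target are canonicalised with realpath before a prefix comparison, so `..` segments, absolute paths and symlinks are all normalised away first, and only `.json` names inside the directory are accepted. The base directory `/srv/feast/documents`, the function name and the sample names are assumptions for the example.

```python
import os


def resolve_document_path(base_dir: str, requested_name: str):
    """Return the canonical on-disk path for a document write, or None if the
    request would land outside base_dir or does not name a .json file.

    Containment is decided on the resolved (realpath) form of both paths, so
    '..' segments, absolute paths and symlink hops are normalised away before
    the comparison. Comparing the unnormalised string is the classic way such
    a check goes wrong.
    """
    base = os.path.realpath(base_dir)
    # os.path.join discards `base` when requested_name is absolute; the
    # containment test below then rejects the result.
    candidate = os.path.realpath(os.path.join(base, requested_name))
    if os.path.commonpath([base, candidate]) != base:
        return None          # escaped the document directory
    if candidate == base:
        return None          # must name a file, not the directory itself
    if not candidate.endswith(".json"):
        return None          # only JSON documents are expected here
    return candidate


if __name__ == "__main__":
    # Constructed sample inputs; the base directory is an assumption, not Feast's layout.
    base = "/srv/feast/documents"
    for name in ["doc1.json", "nested/doc2.json", "../feature_store.yaml",
                 "nested/../../startup.sh", "/etc/cron.d/job.json", "doc1.txt", ""]:
        print(f"{name!r:28} -> {resolve_document_path(base, name)}")
```

Rejected names return `None` so the caller can answer with a 4xx instead of writing anything; the decision is made on the final resolved path, which is the path the write would actually touch.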


Meta Information

Published: 2026-07-01
Last Modified: 2026-07-01
Generated: 2026-07-01
EPSS Evaluated: N/A

Affected Vendors & Products

Vendor                  Product   Version / Range
red_hat_data_services   feast     versions before 0.58.0 (0.58.0 excluded)


CWE
CWE ID    Description
CWE-862   The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

Executive Summary

CVE-2026-23537 is a vulnerability in the Feast Feature Server's /save-document endpoint that allows an unauthenticated remote attacker to write arbitrary JSON files to the server's filesystem.

Although the system tries to restrict where files can be written, these protections can be bypassed, enabling attackers to overwrite important application configurations or startup scripts.

This flaw requires no credentials or special privileges, so any attacker with network access to the server can exploit it.

Impact Analysis

This vulnerability can impact you by allowing unauthorized modifications to the system, such as overwriting vital application configurations or startup scripts.

It can also lead to denial of service through disk exhaustion or potentially enable remote code execution, compromising the integrity and availability of the system.

Detection Guidance

This vulnerability involves an unauthenticated arbitrary file write via the Feast Feature Server's /save-document endpoint. Detection can focus on monitoring network traffic for suspicious POST requests to this endpoint.

  • Use network monitoring tools (e.g., tcpdump or Wireshark) to capture HTTP POST requests targeting the /save-document endpoint.
  • Example tcpdump command to capture traffic to port 80 or 443 (adjust port as needed): tcpdump -i any -A 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' | grep '/save-document'
  • Check server logs for unexpected or unauthorized JSON file writes or POST requests to /save-document.
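The log check in the last bullet can be scripted. The following is an added example, not part of this report or of the Feast project: it parses combined-log-format access lines, keeps POST requests to /save-document (ignoring any query string), and flags those whose client address is outside an allowlist, then counts flagged requests per client, since a burst from one source is also the pattern to watch for the disk-exhaustion case mentioned above. The log lines, the 10.0.0.0/8 allowlist and the function names are constructed assumptions.

```python
import re
from collections import Counter
from ipaddress import ip_address, ip_network

# Combined-log-format line: client, ident, user, [timestamp], "METHOD path proto", status, bytes.
LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)

# Assumed allowlist of clients that may reach the feature server (placeholder range).
TRUSTED_SOURCES = [ip_network("10.0.0.0/8")]

# Constructed sample access log; not real traffic.
SAMPLE_LOG = """\
10.0.1.5 - - [01/Jul/2026:10:00:01 +0000] "GET /other HTTP/1.1" 200 12
10.0.1.5 - - [01/Jul/2026:10:00:02 +0000] "POST /save-document HTTP/1.1" 200 45
203.0.113.9 - - [01/Jul/2026:10:00:03 +0000] "POST /save-document HTTP/1.1" 200 45
203.0.113.9 - - [01/Jul/2026:10:00:04 +0000] "POST /save-document?v=1 HTTP/1.1" 200 45
198.51.100.7 - - [01/Jul/2026:10:00:05 +0000] "GET /save-document HTTP/1.1" 405 0
garbage line that does not parse
"""


def parse_line(line: str):
    """Parse one access-log line into a dict, or None if it is not in the expected format."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def is_trusted(src: str, trusted=TRUSTED_SOURCES) -> bool:
    """True when src is an IP address inside one of the allowlisted networks."""
    try:
        addr = ip_address(src)
    except ValueError:
        return False            # hostnames or malformed fields are never trusted
    return any(addr in net for net in trusted)


def find_untrusted_save_document_posts(lines, trusted=TRUSTED_SOURCES):
    """Return parsed entries for POSTs to /save-document from outside the allowlist."""
    hits = []
    for line in lines:
        entry = parse_line(line)
        if entry is None:
            continue
        path = entry["path"].split("?", 1)[0].rstrip("/")   # drop query string
        if (entry["method"] == "POST" and path == "/save-document"
                and not is_trusted(entry["src"], trusted)):
            hits.append(entry)
    return hits


def hits_per_source(lines, trusted=TRUSTED_SOURCES) -> Counter:
    """Count untrusted /save-document POSTs per client address."""
    return Counter(h["src"] for h in find_untrusted_save_document_posts(lines, trusted))


if __name__ == "__main__":
    for src, n in hits_per_source(SAMPLE_LOG.splitlines()).items():
        print(f"{src}: {n} untrusted POST(s) to /save-document")
```

On the constructed sample the two requests from 203.0.113.9 are flagged; the trusted client's POST and the GET (which the endpoint rejects with 405 in this sample) are not. Feed it real access logs by replacing SAMPLE_LOG with the file contents and the allowlist with the networks that should legitimately reach the feature server.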

Mitigation Strategies

Immediate mitigation steps include restricting network access to the Feast Feature Server, especially to the /save-document endpoint, to trusted users only.

  • Apply any available patches or updates from the vendor addressing this vulnerability.
  • Implement firewall rules or access controls to block unauthenticated access to the /save-document endpoint.
  • Monitor system and application logs for signs of exploitation attempts.

Compliance Impact

The vulnerability allows unauthenticated remote attackers to write arbitrary JSON files to the server's filesystem, potentially leading to unauthorized system modifications, denial of service, or remote code execution.

Such unauthorized modifications and potential system compromise could impact the integrity and availability of systems that handle sensitive data, which are key requirements under common standards and regulations like GDPR and HIPAA.
