CVE-2026-57871
Received Received - Intake

Relative Path Traversal in MicroRealEstate File Upload

Vulnerability report for CVE-2026-57871, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-07

Last updated on: 2026-07-07

Assigner: The Missing Link Australia (TML)

Description

Relative path traversal vulnerability in MicroRealEstate file upload functionality allows attackers to potentially overwrite system files. This issue affects MicroRealEstate: through 1.0.0-alpha3.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-07
Last Modified
2026-07-07
Generated
2026-07-07
AI Q&A
2026-07-07
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
themissinglink microrealestate to 1.0.0-alpha3 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-23 The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2026-57871 is a relative path traversal vulnerability in the MicroRealEstate Client Portal Remote Support software, specifically affecting versions 1.0.0-alpha3 and earlier.

The vulnerability arises because user-controlled parameters in URLs are used to determine file paths during file uploads, allowing attackers to manipulate parts of the file path.

This manipulation enables attackers to write files to unauthorized directories, potentially overwriting system files.

Impact Analysis

This vulnerability can allow attackers to overwrite critical system files by uploading files to unauthorized locations.

Such unauthorized file overwriting can corrupt the platform, potentially leading to system instability, data loss, or unauthorized control over the affected system.

Mitigation Strategies

As of the provided information, there are no fixed versions available to address this vulnerability.

To mitigate the risk, you should restrict access to the file upload functionality to trusted users only and monitor file uploads closely for suspicious activity.

Additionally, consider implementing input validation and sanitization on file paths to prevent path traversal attempts.

Compliance Impact

The provided information does not specify how the relative path traversal vulnerability in MicroRealEstate affects compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-57871. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart