CVE-2023-26563

CRITICAL

Syncfusion EJ2 Node File Provider 0102271 - Path Traversal

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-26563. PoCs published by RupturaInfoSec.

AI-analyzed exploit summary: This repository provides a detailed technical analysis of CVE-2023-26563, CVE-2023-26564, and CVE-2023-26565, including root cause analysis, vulnerable code snippets, and exploitation techniques. It explains directory traversal and SQL injection vulnerabilities in Syncfusion's file manager implementations.

Description

The Syncfusion EJ2 Node File Provider 0102271 is vulnerable to filesystem-server.js directory traversal. As a result, an unauthenticated attacker can:
- On Windows, list files in any directory, read any file, delete any file, upload any file to any directory accessible by the web server.
- On Linux, read any file, download any directory, delete any file, upload any file to any directory accessible by the web server.

Exploits (1)

nomisec WRITEUP
by RupturaInfoSec · poc
https://github.com/RupturaInfoSec/CVE-2023-26563-26564-26565

Classification: Writeup 100%
Attack Type: Info Leak | Sqli
Complexity: Trivial
Reliability: Reliable
Target: Syncfusion EJ2 ASPCore Filemanager, EJ2 Node Filemanager, SQL Server Database File Provider
No auth needed
Prerequisites: Access to the vulnerable application endpoints
devstral-2 · analyzed Feb 18, 2026

Scores

CVSS v3: 9.8
EPSS: 0.0147
EPSS Percentile: 70.3%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation: poc
Automatable: yes
Technical Impact: total

Details

CWE: CWE-22
Status: published
Products (1): syncfusion/nodejs_file_system_provider 0102271
Published: Jul 12, 2023
Tracked Since: Feb 18, 2026