CVE-2023-39026

HIGH · EXPLOITED · NUCLEI

FileMage Gateway <1.10.8 - Path Traversal

Exploitation Summary

CVE-2023-39026 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including Bryce Raindayzz Harty. A Nuclei detection template is also available.

AI-analyzed exploit summary: This exploit demonstrates a Local File Inclusion (LFI) vulnerability in FileMage Gateway versions prior to 1.10.9. It uses a path traversal technique with URL-encoded backslashes to access sensitive configuration files.

Description

Directory Traversal vulnerability in FileMage Gateway Windows Deployments v.1.10.8 and before allows a remote attacker to obtain sensitive information via a crafted request to the /mgmt/ component.

Exploits (1)

exploitdb WORKING POC
by Bryce Raindayzz Harty · python · webapps · multiple
https://www.exploit-db.com/exploits/51708

Classification: Working PoC (95%)
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: FileMage Gateway < 1.10.9
No auth needed
Prerequisites: List of target IP addresses in a file
devstral-2 · analyzed Feb 18, 2026

Nuclei Templates (1)

FileMage Gateway - Directory Traversal
HIGH · VERIFIED · by DhiyaneshDk
Shodan: title:"FileMage" || cpe:"cpe:2.3:o:microsoft:windows"

Scores

CVSS v3 7.5
EPSS 0.1056
EPSS Percentile 95.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact partial

Details

VulnCheck KEV 2023-12-04
CWE CWE-22
Status published
Products (1)
filemage/filemage < 1.10.8
Published Aug 22, 2023
Tracked Since Feb 18, 2026