CVE-2026-36848

HIGH

Gigamon GVOS <= 5.16.1 - Directory Traversal in H-VUE Subsystem

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2026-36848. PoCs published by calligraf0.

AI-analyzed exploit summary: The repository contains a functional Python exploit for CVE-2026-36848, demonstrating unauthenticated path traversal in GigaVUE-OS. It allows arbitrary file read/write operations via crafted HTTP requests to the vulnerable `/upload` and `/download` endpoints, with additional functionality to drop a bind shell via cron job manipulation.

Description

Gigamon GVOS v5.16.1 and below is vulnerable to Directory Traversal in the GVOS H-VUE subsystem.

Exploits (1)

GitHub · WORKING POC
by calligraf0 · python · poc
https://github.com/calligraf0/CVE-2026-36848

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Gigamon GigaVUE-OS v5.4.0
No auth needed
Prerequisites: Network access to port 8089 (or 8089/HTTPS) on the target system
mistral-large-3 · analyzed Jun 29, 2026

Scores

CVSS v3 7.5
EPSS 0.0069
EPSS Percentile 48.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE CWE-22
Status published
Products (1)
gigamon/gigavue-os < 5.16.1
Published Jun 29, 2026
Tracked Since Jun 29, 2026