CVE-2026-7411

CRITICAL

Eclipse BaSyx < 2.0.0-milestone-10 - Path Traversal & Arbitrary File Write via Submodel API

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2026-7411. PoCs published by CryptReaper12.

Description

In Eclipse BaSyx Java Server SDK versions prior to 2.0.0-milestone-10, inadequate path normalization in the Submodel HTTP API allows an unauthenticated remote attacker to perform a path traversal attack. By supplying a maliciously crafted fileName parameter during a file upload operation, an attacker can bypass intended storage boundaries and write arbitrary files to any location on the host filesystem accessible by the Java process. This can lead to Remote Code Execution (RCE) and complete system compromise.

Exploits (1)

nomisec FAILED

by CryptReaper12 · poc

https://github.com/CryptReaper12/CVE-2026-7411

View Code ZIP pw:eip

References (2)

Core 2

Core References

https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/423

https://gitlab.eclipse.org/security/cve-assignment/-/issues/102

Scores

CVSS v3 10.0

EPSS 0.0014

EPSS Percentile 34.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact total

Details

CWE

CWE-22

Status published

Products (2)

Eclipse Foundation/Eclipse BaSyx < 2.0.0-milestone-10

org.eclipse.basyx/basyx.sdk 0 - 2.0.0-milestone-10Maven

Published May 05, 2026

Tracked Since May 05, 2026