CVE-2026-7519
HIGHFujian Apex LiveBOS Endpoint UploadImage.do path traversal
Title source: cnaDescription
A vulnerability has been found in Fujian Apex LiveBOS up to 2.0. Impacted is an unknown function of the file /feed/UploadImage.do of the component Endpoint. Such manipulation of the argument filename leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.1 is recommended to address this issue. Upgrading the affected component is advised.
Scores
CVSS v3
7.3
EPSS
0.0004
EPSS Percentile
12.9%
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-22
Status
published
Products (2)
Fujian Apex/LiveBOS
2.0
Fujian Apex/LiveBOS
2.1
Published
May 01, 2026
Tracked Since
May 01, 2026