Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2026-40521
PUBLISHED
More InfoOfficial Page
Assigner-VulnCheck
Assigner Org ID-83251b91-4cc7-4094-a5c7-464a1b83ea10
View Known Exploited Vulnerability (KEV) details
Published At-29 Jun, 2026 | 12:30
Updated At-30 Jun, 2026 | 13:52
Rejected At-
▼CVE Numbering Authority (CNA)
FrontAccounting < 2.4.20 Path Traversal RCE via attachment upload

FrontAccounting before 2.4.20 contains a path traversal vulnerability in the attachment upload handler that allows authenticated attackers to execute arbitrary code by uploading files with traversal sequences in the unique_name parameter. Attackers can supply path traversal sequences ../../../shell.php to write files outside the intended attachments directory into the web root, and by uploading PHP files without extension validation, achieve remote code execution as the web server user.

Affected Products
Vendor
FrontAccounting
Product
FrontAccounting
Default Status
affected
Versions
Affected
  • From 0 before 2.4.20 (semver)
Unaffected
  • 701fea6848da4a02fb83d30f07a9c0473d6b7e33 (git)
Problem Types
TypeCWE IDDescription
CWECWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Type: CWE
CWE ID: CWE-22
Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Metrics
VersionBase scoreBase severityVector
4.08.7HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Version: 4.0
Base score: 8.7
Base severity: HIGH
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

finder
Jiva (JivaSecurity)
Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://jivasecurity.com/writeups/frontaccounting-rce-attachment-upload-cve-2026-40521
technical-description
exploit
https://sourceforge.net/p/frontaccounting/news/2026/04/release-2420/
release-notes
https://github.com/FrontAccountingERP/FA/commit/701fea6848da4a02fb83d30f07a9c0473d6b7e33
patch
https://www.vulncheck.com/advisories/frontaccounting-path-traversal-rce-via-attachment-upload
third-party-advisory
Hyperlink: https://jivasecurity.com/writeups/frontaccounting-rce-attachment-upload-cve-2026-40521
Resource:
technical-description
exploit
Hyperlink: https://sourceforge.net/p/frontaccounting/news/2026/04/release-2420/
Resource:
release-notes
Hyperlink: https://github.com/FrontAccountingERP/FA/commit/701fea6848da4a02fb83d30f07a9c0473d6b7e33
Resource:
patch
Hyperlink: https://www.vulncheck.com/advisories/frontaccounting-path-traversal-rce-via-attachment-upload
Resource:
third-party-advisory
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
Details not found