{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-2692", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-02-18T14:20:35.082Z", "datePublished": "2026-02-19T02:02:06.735Z", "dateUpdated": "2026-02-24T01:45:15.649Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-02-23T10:27:54.126Z"}, "title": "CoCoTeaNet CyreneAdmin Image getAvatar path traversal", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-22", "lang": "en", "description": "Path Traversal"}]}], "affected": [{"vendor": "CoCoTeaNet", "product": "CyreneAdmin", "versions": [{"version": "1.0", "status": "affected"}, {"version": "1.1", "status": "affected"}, {"version": "1.2", "status": "affected"}, {"version": "1.3.0", "status": "affected"}], "modules": ["Image Handler"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in CoCoTeaNet CyreneAdmin up to 1.3.0. This affects an unknown part of the file /api/system/user/getAvatar of the component Image Handler. Performing a manipulation of the argument Avatar results in path traversal. The attack can be initiated remotely. The exploit has been made public and could be used."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 4.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 4, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2026-02-18T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-02-18T01:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-02-21T20:39:51.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "sageee (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/?id.346492", "name": "VDB-346492 | CoCoTeaNet CyreneAdmin Image getAvatar path traversal", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.346492", "name": "VDB-346492 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.754241", "name": "Submit #754241 | CoCoTeaNet CyreneAdmin \u22641.3.0 Directory Traversal", "tags": ["third-party-advisory"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-24T01:45:01.093101Z", "id": "CVE-2026-2692", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-24T01:45:15.649Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-2692", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-24T01:45:01.093101Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-24T01:45:12.404Z"}}], "cna": {"title": "CoCoTeaNet CyreneAdmin Image getAvatar path traversal", "credits": [{"lang": "en", "type": "reporter", "value": "sageee (VulDB User)"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 4, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N/E:POC/RL:ND/RC:UR"}}], "affected": [{"vendor": "CoCoTeaNet", "modules": ["Image Handler"], "product": "CyreneAdmin", "versions": [{"status": "affected", "version": "1.0"}, {"status": "affected", "version": "1.1"}, {"status": "affected", "version": "1.2"}, {"status": "affected", "version": "1.3.0"}]}], "timeline": [{"lang": "en", "time": "2026-02-18T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2026-02-18T01:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2026-02-21T20:39:51.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/?id.346492", "name": "VDB-346492 | CoCoTeaNet CyreneAdmin Image getAvatar path traversal", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.346492", "name": "VDB-346492 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.754241", "name": "Submit #754241 | CoCoTeaNet CyreneAdmin \u22641.3.0 Directory Traversal", "tags": ["third-party-advisory"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in CoCoTeaNet CyreneAdmin up to 1.3.0. This affects an unknown part of the file /api/system/user/getAvatar of the component Image Handler. Performing a manipulation of the argument Avatar results in path traversal. The attack can be initiated remotely. The exploit has been made public and could be used."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "Path Traversal"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-02-23T10:27:54.126Z"}}}, "cveMetadata": {"cveId": "CVE-2026-2692", "state": "PUBLISHED", "dateUpdated": "2026-02-24T01:45:15.649Z", "dateReserved": "2026-02-18T14:20:35.082Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2026-02-19T02:02:06.735Z", "assignerShortName": "VulDB"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cocoteanet:cyreneadmin:*:*:*:*:*:*:*:*", "matchCriteriaId": "F3B34048-1BE5-4D91-8339-B2AE1E5318EC", "versionEndIncluding": "1.3.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was found in CoCoTeaNet CyreneAdmin up to 1.3.0. This affects an unknown part of the file /api/system/user/getAvatar of the component Image Handler. Performing a manipulation of the argument Avatar results in path traversal. The attack can be initiated remotely. The exploit has been made public and could be used."}, {"lang": "es", "value": "Se encontr\u00f3 una vulnerabilidad en CoCoTeaNet CyreneAdmin hasta 1.3.0. La cual afecta a una parte desconocida del archivo /api/system/user/getAvatar del componente Gestor de Im\u00e1genes. Si se manipula el argumento Avatar se provoca un salto de ruta. El ataque puede iniciarse de forma remota. El exploit se ha hecho p\u00fablico y podr\u00eda utilizarse."}], "id": "CVE-2026-2692", "lastModified": "2026-04-29T01:00:01.613", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "cna@vuldb.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 2.1, "baseSeverity": "LOW", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-02-19T07:17:48.470", "references": [{"source": "cna@vuldb.com", "tags": ["Permissions Required", "VDB Entry"], "url": "https://vuldb.com/?ctiid.346492"}, {"source": "cna@vuldb.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://vuldb.com/?id.346492"}, {"source": "cna@vuldb.com", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "https://vuldb.com/?submit.754241"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "1.0"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "1.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "1.2"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.3.0"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "CyreneAdmin", "source": "cna", "vendor": "CoCoTeaNet"}, "product": "cyreneadmin", "vendor": "cocoteanet"}], "analysis": {"en": {"generated_at": "2026-04-18T11:52:32.396870+00:00", "value": {"mitigation_remediation": ["Upgrade CoCoTeaNet CyreneAdmin to a version newer than 1.3.0 that fixes the path\u2011traversal bug.", "Add server\u2011side validation on the Avatar query parameter to reject sequences that contain directory traversal characters or to restrict the value to a safe whitelist of filenames.", "Configure the web application firewall or the web server to detect and block directory\u2011traversal patterns in requests to the /api/system/user/getAvatar endpoint."], "summary": {"action": "Apply patch", "impact": "Remote Path Traversal"}, "threat_synthesis": {"affected_systems": "The affected product is CoCoTeaNet CyreneAdmin, with all releases up to and including 1.3.0 vulnerable. The flaw resides in the /api/system/user/getAvatar endpoint and is present regardless of product component configuration. Any installation exposing this API is at risk.", "description_and_impact": "A flaw in the Image Handler of CoCoTeaNet CyreneAdmin allows an attacker to craft a special Avatar parameter to walk out of the designated file directory and read arbitrary files on the host. This path traversal weakness can expose sensitive configuration files, credentials, or other confidential data and therefore threatens confidentiality. The vulnerability corresponds to CWE\u201122.", "risk_and_exploitability": "The CVSS score of 5.3 indicates a medium severity. The EPSS score of less than 1\u202f% suggests a low likelihood of exploitation at present, though a publicly disclosed exploit demonstrates the practical ability to read files. The vulnerability is not listed in the CISA KEV catalog. The attack vector is remote, requiring only an HTTP request to the vulnerable endpoint. The potential impact of accessing arbitrary files makes this issue a serious concern for publicly exposed instances."}}}}, "created": "2026-02-19T10:07:52.059436+00:00", "updated": "2026-04-18T12:00:05.886739+00:00", "vendors": ["cocoteanet", "cocoteanet$PRODUCT$cyreneadmin"]}