CVE-2026-9102— Path Traversal in Altium Enterprise Server ComparisonService Allows Arbitrary File Write
Possible ATT&CK Techniques 3AI
T1068 · Exploitation for Privilege Escalation T1048 · Exfiltration Over Alternative Protocol T1059 · Command and Scripting InterpreterAffected Version Matrix 1
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Altium | Altium Enterprise Server | < 8.0.4 | affected |
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-9102
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Path Traversal in Altium Enterprise Server ComparisonService Allows Arbitrary File Write
Source: NVD (National Vulnerability Database)
Vulnerability Description
A path traversal vulnerability exists in the Altium Enterprise Server ComparisonService due to missing filename sanitization in the Gerber file upload APIs. A regular authenticated workspace user can supply a crafted filename in the multipart Content-Disposition header to escape the intended temporary upload directory and write arbitrary files to any location on the server filesystem. Because content-controlled files can be written to web-accessible directories, this can be escalated to remote code execution in the context of the service account. It can also be used to overwrite application binaries or configuration files, leading to service takeover or denial of service.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Source: NVD (National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Altium | Altium Enterprise Server | 0 ~ 8.0.4 | - |
II. Public POCs for CVE-2026-9102
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-9102
请登录查看更多情报信息。
IV. Related Vulnerabilities
Same vendor: Altium
- CVE-2026-9152
Unauthenticated SOAP Endpoint in Altium 365 SearchService Al - CVE-2026-9129
Path Traversal in Altium Enterprise Server Viewer StorageCon - CVE-2025-27380
HTML Injection Leading to Script Execution in Altium Enterpr - CVE-2025-27379
Stored Cross-Site Scripting in AES BOM Viewer - CVE-2025-27378
SQL Injection in AES Due to Inactive SQL Parsing Configurati
V. Comments for CVE-2026-9102
No comments yet