CVE-2026-40547 | SOPlanning is vulnerable to Path Traversal in backup endpoin… | CVSS 6.4 MEDIUM

Description

SOPlanning is vulnerable to Path Traversal in backup endpoints. Authenticated remote attacker is able to exploit a vulnerable endpoint and construct payloads that allow reading and executing files previously added through the backup functionality. Critically, due to CVE-2026-40543 (Missing Authorization), any backup file can be read by any (unauthorized) user. This issue affects SOPlanning version 1.55 and below.

Metadata

CVE ID: CVE-2026-40547
State: PUBLISHED
Assigner: CERT-PL
Reserved: 2026-04-14 09:44 UTC
Published: 2026-06-01 09:04 UTC
Last updated: 2026-06-01 13:04 UTC
Primary CWE: CWE-22
CWE-22 Improper Limitation of a Pathname to a Restricted Dir…
Vendor / Product: SOPlanning / SOPlanning
Sources: cve.org · NVD

Severity & Metrics

6.4 MEDIUM CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:H/SI:H/SA:H

SSVC — CISA Coordinator

Exploitation: none
Automatable: no
Tech. Impact: partial

Affected products (1)

Vendor	Product	Platform	Versions
SOPlanning	SOPlanning	—	0 ≤ 1.55

Weakness (CWE)

CWE	Source	Description
CWE-22	cna	CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVSS scores (1)

Score	Severity	Version	Source	Vector
6.4	MEDIUM	4.0	cna	CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:H/SI:H/SA:H

References (2)