CNNVD-202602-037 Information
Feb 02, 2026
cve
CNNVD ID
CNNVD-202602-037
Related CVE
- CNNVD Published: 2026-02-02
Description (Chinese)
Signal K Server是Signal K开源的一个船用中央服务器。 Signal K Server 2.20.3之前版本存在路径遍历漏洞,该漏洞源于applicationData API存在路径遍历,可能导致任意文件读写。
Description (English)
Signal K Server is a central shipping server for Signal K Open Source. The previous version of Signal K Server 2.20.3 had a loophole in the path, which originated from the applicationData API, which could lead to any document being read and written.
Hazard Level
High
Vulnerability Type
路径遍历
Affected Vendor
Signal K
Published
2026-02-02
Last Modified
2026-02-24
References
https://github.com/SignalK/signalk-server/commit/9bcf61c8fe2cb8a40998b913a02fb64dff9e86c7 https://github.com/SignalK/signalk-server/security/advisories/GHSA-vrhw-v2hw-jffx