Skip to main content

DreamMaker CVE-2026-10074

| EUVDEUVD-2026-33299 MEDIUM
Relative Path Traversal (CWE-23)
2026-05-29 twcert GHSA-mmqq-h844-46ww
6.9
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
6.9 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
X

Lifecycle Timeline

2
Analysis Generated
May 29, 2026 - 14:35 vuln.today
CVSS changed
May 29, 2026 - 14:22 NVD
4.9 (MEDIUM) 6.9 (MEDIUM)

DescriptionCVE.org

DreamMaker developed by Interinfo has an Arbitrary File Read vulnerability, allowing privileged local attackers to exploit Relative Path Traversal to download arbitrary system files.

AnalysisAI

Arbitrary file read in Interinfo's DreamMaker application allows privileged attackers to traverse relative path boundaries and download arbitrary system files. The vulnerability stems from insufficient path normalization in a file download or retrieval function, enabling exfiltration of sensitive system content without modifying or disrupting the target. No public exploit code has been identified at time of analysis, and the requirement for high privileges (PR:H per CVSS 4.0) materially limits the attacker pool.

Technical ContextAI

DreamMaker, developed by Interinfo, is a web-based or network-accessible application (CPE: cpe:2.3:a:interinfo:dreammaker:*:*:*:*:*:*:*:*) affecting all tracked versions. The root cause is CWE-23 (Relative Path Traversal), a subclass of path traversal weaknesses where user-supplied input containing sequences such as '../' or encoded equivalents is not properly normalized or validated before being used to construct filesystem paths. When the application resolves these relative references, it can escape the intended directory boundary and access files elsewhere on the host filesystem. The CVSS 4.0 vector assigns AV:N (network attack vector), meaning exploitation is delivered over a network interface rather than requiring direct console access - however, this conflicts with the CVE description's use of 'local attackers,' a discrepancy that warrants vendor clarification.

RemediationAI

Consult the Interinfo vendor advisory via TWCERT (https://www.twcert.org.tw/en/cp-139-10946-1127f-2.html) for the official patch or upgrade path - no specific fixed version number is confirmed in the currently available data, so 'Patch available per vendor advisory' is the most accurate characterization. Until a patch is applied, restrict access to DreamMaker's file retrieval functionality by enforcing the principle of least privilege: reduce the number of accounts holding high-privilege roles, audit current privilege assignments, and enable session logging on privileged actions. If the application exposes file access endpoints over the network, consider placing DreamMaker behind a VPN or network access control layer to reduce exposure. Inspect application logs for anomalous path patterns (sequences of '../', URL-encoded variants '%2e%2e%2f') to detect potential exploitation attempts. Note: access restrictions do not eliminate the underlying flaw - patching remains the definitive remediation.

Share

CVE-2026-10074 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy