EUVD-2026-37520Severity by source
Network vector because the attack originates from a remote SFTP server; AC:H because attacker must control or compromise that server; S:C because file writes escape the intended destination scope; C:N as no data exfiltration is described.
Lifecycle Timeline
2Description PRE-NVD
Articles & Coverage 1
AnalysisAI
Path traversal in Apache Airflow SFTP provider (apache-airflow-providers-sftp before 5.8.1) allows a malicious or compromised remote SFTP server to write files outside the configured local destination directory on the Airflow worker host. The root cause is that SFTPHook.retrieve_directory does not sanitize server-supplied directory-entry names before constructing local file paths, enabling traversal sequences to escape the intended destination. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires three concurrent conditions: (1) the Airflow deployment must use SFTPHook.retrieve_directory or SFTPOperator with operation=get configured to download an entire directory - not just individual files; (2) the SFTP server endpoint must be malicious or compromised - the attacker must control the server-side directory listing, not the Airflow client; (3) the Airflow worker process must have filesystem write permissions to paths outside the intended destination (typical for unprivileged worker accounts that can write to home directories, temp paths, or application directories). … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | No CVSS vector or score was provided in the source data - severity is described only as 'moderate' in the advisory. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker who operates or has compromised an SFTP server that an Airflow DAG connects to crafts directory-entry names containing path traversal sequences (e.g., '../../.ssh/authorized_keys' or '../../etc/cron.d/backdoor'). When the scheduled DAG runs SFTPOperator(operation=get) to retrieve a directory, Airflow builds the local write path by concatenating the destination directory with the server-supplied name without sanitization, causing the file content controlled by the attacker to land at the traversal-resolved path on the Airflow worker host. … |
| Remediation | Upgrade the apache-airflow-providers-sftp package to version 5.8.1 or later; this is the vendor-confirmed fix version stated in the oss-security advisory (https://seclists.org/oss-sec/2026/q2/941). … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Inventory all Airflow deployments using the SFTP provider and identify which SFTP servers they connect to; classify servers as trusted (internal) or untrusted (external). …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Share
External POC / Exploit Code
Leaving vuln.today