EUVD-2026-17821
GHSA-qw2j-qjh4-32jw
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
4Tags
Description
A vulnerability was found in Sanster IOPaint 1.5.3. Impacted is the function _get_file of the file iopaint/file_manager/file_manager.py of the component File Manager. Performing a manipulation of the argument filename results in path traversal. The attack is possible to be carried out remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
Analysis
Path traversal in Sanster IOPaint 1.5.3 File Manager allows unauthenticated remote attackers to read, write, or delete arbitrary files via manipulated filename parameters in the _get_file function. EPSS data unavailable, but publicly available exploit code exists. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Identify all IOPaint instances running version 1.5.3 in your environment and isolate them from untrusted networks. Within 7 days: Contact Sanster for patch availability status and interim guidance; evaluate alternative file management solutions or temporary network segmentation. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today