CVE-2026-49233

Vulnerability Description

Routinator does not properly check the module component of rsync URIs, which are used to create the file system paths for the Routinator cache. This allows for path traversal by having a module name containing .., potentially providing an attacker access to the entire Routinator rsync cache.

Vulnerability Details

Published Date

June 08, 2026

Last Modified

June 08, 2026

CWE ID

CWE-22

Source

NVD

Vendor

NLnet Labs

Product

Routinator

External References

https://www.nlnetlabs.nl/downloads/routinator/CVE-2026-49233.txt

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment