CVE-2026-30284
Published: 31 March 2026
Summary
CVE-2026-30284 is a high-severity External Control of File Name or Path (CWE-73) vulnerability in Uxgroupllc Voice Recorder. Its CVSS base score is 8.6 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203). The vulnerability ranks at the 1.4th percentile by exploit likelihood (below the median), is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
SI-10 requires validation of file names and paths during the import process, directly preventing external control of file destinations and arbitrary overwrites.
SI-2 mandates identification, reporting, and correction of the specific file import flaw, ensuring patches or fixes eliminate the vulnerability.
SI-7 verifies integrity of critical internal files and software, preventing or detecting unauthorized overwrites that enable code execution or information exposure.
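One way to apply the SI-10 control to a file import step, as an added example that is not UXGROUP's code and not part of the original advisory. It assumes the import derives its destination from a name supplied with the imported file; `naive_target`, `resolve_import_target`, `import_file` and the sandbox paths are hypothetical.

```python
import os
import tempfile
from pathlib import Path


class UnsafeImportName(ValueError):
    """The supplied file name would place the import outside its directory."""


def naive_target(import_dir: Path, supplied_name: str) -> Path:
    # Weak form (assumed, for contrast): the name is trusted and joined as-is.
    return import_dir / supplied_name


def resolve_import_target(import_dir: Path, supplied_name: str) -> Path:
    """Return a destination directly inside import_dir, or raise."""
    if not supplied_name or "\x00" in supplied_name:
        raise UnsafeImportName("empty name or NUL byte")
    # A legitimate import name is a single component: no separators, no dot entries.
    if "/" in supplied_name or "\\" in supplied_name or supplied_name in (".", ".."):
        raise UnsafeImportName(f"path components in {supplied_name!r}")
    base = import_dir.resolve()
    # resolve() follows a symlink planted at the destination, so check afterwards.
    target = (base / supplied_name).resolve()
    if target.parent != base:
        raise UnsafeImportName(f"{supplied_name!r} resolves outside {base}")
    return target


def import_file(import_dir: Path, supplied_name: str, data: bytes) -> Path:
    target = resolve_import_target(import_dir, supplied_name)
    # O_EXCL makes the write create-only: an existing file is never overwritten.
    fd = os.open(target, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
    return target


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:  # constructed sandbox, not real app paths
        imports = Path(tmp) / "imports"
        imports.mkdir()
        for name in ("memo.wav", "../settings.xml", "/abs/settings.xml", "memo.wav"):
            print(f"{name!r}: naive join -> {naive_target(imports, name)}")
            try:
                print("  imported to", import_file(imports, name, b"RIFF"))
            except (UnsafeImportName, FileExistsError) as exc:
                print("  refused:", type(exc).__name__, exc)
```

The second `memo.wav` import is refused with `FileExistsError`, so a name collision has to be handled by the caller (for example by renaming) rather than by overwriting.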
MITRE ATT&CK Enterprise Techniques
Why these techniques?
An arbitrary file overwrite in a client application via a malicious import directly enables client-side exploitation for code execution (T1203) and privilege escalation to elevated code execution (T1068); the information exposure impact maps to data collection from the local system (T1005).
NVD Description
An arbitrary file overwrite vulnerability in UXGROUP LLC Voice Recorder v10.0 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure.
Deeper analysis
CVE-2026-30284 is an arbitrary file overwrite vulnerability affecting UXGROUP LLC Voice Recorder version 10.0. The flaw exists in the file import process, which allows attackers to overwrite critical internal files. This can lead to arbitrary code execution or information exposure, as classified under CWE-73 (External Control of File Name or Path). The vulnerability received a CVSS v3.1 base score of 8.6 (AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H), indicating high severity due to its potential for significant impact with low complexity and no required privileges.
Exploitation requires local access to the system running the affected software and user interaction, such as convincing a user to import a malicious file. An unprivileged attacker can leverage this to overwrite key files, achieving arbitrary code execution with elevated privileges or exposing sensitive information. The scope change (S:C) amplifies the risk, as successful exploitation can affect confidentiality, integrity, and availability at a high level.
Mitigation details are available in related advisories referenced at http://voice.com, https://appcraze.co/, https://github.com/Secsys-FDU/AF_CVEs/issues/25, and https://secsys.fudan.edu.cn/. The vulnerability was published on 2026-03-31; security practitioners should review these sources for patch information or workarounds.
Details
- CWE(s)