Cyber Posture

CVE-2026-33344

High · Public PoC

Published: 24 March 2026
Modified: 26 March 2026
KEV Added: not listed
Patch: version 2.3.1
CVSS Score: 8.1 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N)
EPSS Score: 0.0003 (7.8th percentile)
Risk Priority: 16 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2026-33344 is a high-severity Path Traversal (CWE-22) vulnerability in Dagu (vendor: Dagu). Its CVSS base score is 8.1 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE is ranked at the 7.8th percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190) and 2 other techniques. What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)

- prevent (SI-10, Information Input Validation): Directly validates untrusted filename inputs like {fileName} in API endpoints to block path traversal via %2F-encoded slashes.
- prevent (SI-2, Flaw Remediation): Remediates the path traversal flaw by identifying and applying patches such as Dagu version 2.3.1.
- prevent: Enforces access authorizations to limit low-privileged users from reading or modifying files outside the DAGs directory.

MITRE ATT&CK Enterprise Techniques

- T1190 Exploit Public-Facing Application (Initial Access): Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
- T1005 Data from Local System (Collection): Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.
- T1565.001 Stored Data Manipulation (Impact): Adversaries may insert, delete, or manipulate data at rest in order to influence external outcomes or hide activity, thus threatening the integrity of the data.
Why these techniques?

Path traversal in public-facing web UI (T1190) directly enables arbitrary local file read (T1005) and stored data manipulation via modification (T1565.001) on GET/DELETE/RENAME/EXECUTE endpoints.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

Dagu is a workflow engine with a built-in Web user interface. From version 2.0.0 to before version 2.3.1, the fix for CVE-2026-27598 added ValidateDAGName to CreateNewDAG and rewrote generateFilePath to use filepath.Base. This patched the CREATE path. The remaining API endpoints - GET, DELETE, RENAME, EXECUTE - all pass the {fileName} URL path parameter to locateDAG without calling ValidateDAGName. %2F-encoded forward slashes in the {fileName} segment traverse outside the DAGs directory. This issue has been patched in version 2.3.1.

Deeper analysis

CVE-2026-33344 is a path traversal vulnerability (CWE-22) in Dagu, an open-source workflow engine featuring a built-in Web user interface. The issue affects versions 2.0.0 through 2.3.0. Following a partial fix for CVE-2026-27598 that secured only the CREATE endpoint via ValidateDAGName and filepath.Base in generateFilePath, the GET, DELETE, RENAME, and EXECUTE API endpoints still pass the {fileName} URL path parameter directly to locateDAG without validation. This allows %2F-encoded forward slashes in the {fileName} segment to traverse outside the DAGs directory.

An attacker with low privileges (PR:L) can exploit this over the network (AV:N) with low complexity (AC:L) and no user interaction (UI:N), achieving high confidentiality (C:H) and integrity (I:H) impacts without affecting availability (A:N), as reflected in its CVSS 3.1 base score of 8.1 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N). Low-privileged users can thus read sensitive files or modify arbitrary files outside the intended DAGs directory via these endpoints.

The vulnerability is patched in Dagu version 2.3.1. Mitigation details are available in the fixing commit at https://github.com/dagu-org/dagu/commit/7d07fda8f9de3ae73dfb081ccd0639f8059c56bb and the GitHub security advisory at https://github.com/dagu-org/dagu/security/advisories/GHSA-ph8x-4jfv-v9v8.
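The flaw described in the NVD description and the analysis above comes down to one missing step: the {fileName} segment is percent-decoded by the router and joined onto the DAGs directory without a name check. The following Go code is an added example, not Dagu's own code; validateDAGName, locateDAGUnsafe, locateDAGSafe and the dagsDir value are constructed for illustration. It shows the unchecked join beside a hardened locator that validates the decoded name and then confirms the resolved path stays inside the directory.

```go
package main

import (
	"errors"
	"net/url"
	"path/filepath"
	"strings"
)

// Constructed stand-in for the configured DAGs directory.
const dagsDir = "/srv/dagu/dags"

var errBadName = errors.New("invalid DAG name")

// validateDAGName (hypothetical, not Dagu's function) accepts only a plain
// file name: no empty or dot names, no path separators, no NUL bytes.
func validateDAGName(name string) error {
	if name == "" || name == "." || name == ".." ||
		strings.ContainsAny(name, "/\\\x00") {
		return errBadName
	}
	return nil
}

// locateDAGUnsafe mirrors the flawed pattern: the {fileName} segment is
// decoded (as a router would) and joined onto the DAGs directory unchecked,
// so a name built from %2F-encoded ".." segments resolves outside it.
func locateDAGUnsafe(base, rawSeg string) string {
	name, _ := url.PathUnescape(rawSeg)
	return filepath.Join(base, name+".yaml")
}

// locateDAGSafe validates the decoded name, then re-checks that the
// resolved path is still inside base (defence in depth).
func locateDAGSafe(base, rawSeg string) (string, error) {
	name, err := url.PathUnescape(rawSeg)
	if err != nil {
		return "", errBadName
	}
	if err := validateDAGName(name); err != nil {
		return "", err
	}
	p := filepath.Join(base, name+".yaml")
	rel, err := filepath.Rel(base, p)
	if err != nil || rel == ".." || strings.HasPrefix(rel, "../") {
		return "", errBadName
	}
	return p, nil
}
```

The validation must run on the decoded value: checking the raw segment for a literal "/" would miss the "%2F" form that the advisory describes.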

Details

CWE(s): CWE-22 (Path Traversal)

Affected Products: dagu / dagu, versions 2.0.0 — 2.3.1

CVEs Like This One

- CVE-2026-31886 (same product: Dagu Dagu)
- CVE-2026-31882 (same product: Dagu Dagu)
- CVE-2026-33656 (shared CWE-22)
- CVE-2025-61686 (shared CWE-22)
- CVE-2026-26187 (shared CWE-22)
- CVE-2026-23536 (shared CWE-22)
- CVE-2025-23422 (shared CWE-22)
- CVE-2025-8343 (shared CWE-22)
- CVE-2025-10559 (shared CWE-22)
- CVE-2025-67076 (shared CWE-22)

References