Cyber Resilience

CVE-2026-33344

HighPublic PoC

Published: 24 March 2026

Published
24 March 2026
Modified
26 March 2026
KEV Added
Patch
CVSS Score v3.1 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
EPSS Score 0.0047 37.0th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2026-33344 is a high-severity Path Traversal (CWE-22) vulnerability in Dagu Dagu. Its CVSS base score is 8.1 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 37.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2026-33344 is a path traversal vulnerability (CWE-22) in Dagu, an open-source workflow engine featuring a built-in Web user interface. The issue affects versions 2.0.0 through 2.3.0. Following a partial fix for CVE-2026-27598 that secured only the CREATE endpoint via ValidateDAGName and filepath.Base in generateFilePath, the GET, DELETE, RENAME, and EXECUTE API endpoints still pass the {fileName} URL path parameter directly to locateDAG without validation. This allows %2F-encoded forward slashes in the {fileName} segment to traverse outside the DAGs directory.

An attacker with low privileges (PR:L) can exploit this over the network (AV:N) with low complexity (AC:L) and no user interaction (UI:N), achieving high confidentiality (C:H) and integrity (I:H) impacts without affecting availability (A:N), as scored at CVSS 3.1 8.1 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N). Low-privileged users can thus read sensitive files or modify arbitrary files outside the intended DAGs directory via these endpoints.

The vulnerability is patched in Dagu version 2.3.1. Mitigation details are available in the fixing commit at https://github.com/dagu-org/dagu/commit/7d07fda8f9de3ae73dfb081ccd0639f8059c56bb and the GitHub security advisory at https://github.com/dagu-org/dagu/security/advisories/GHSA-ph8x-4jfv-v9v8.

OWASP Top 10 for Web (2025)

EU & UK References

Vulnerability details

Dagu is a workflow engine with a built-in Web user interface. From version 2.0.0 to before version 2.3.1, the fix for CVE-2026-27598 added ValidateDAGName to CreateNewDAG and rewrote generateFilePath to use filepath.Base. This patched the CREATE path. The remaining API…

more

endpoints - GET, DELETE, RENAME, EXECUTE - all pass the {fileName} URL path parameter to locateDAG without calling ValidateDAGName. %2F-encoded forward slashes in the {fileName} segment traverse outside the DAGs directory. This issue has been patched in version 2.3.1.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1005 Data from Local System Collection
Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.
T1565.001 Stored Data Manipulation Impact
Adversaries may insert, delete, or manipulate data at rest in order to influence external outcomes or hide activity, thus threatening the integrity of the data.
Why these techniques?

Path traversal in public-facing web UI (T1190) directly enables arbitrary local file read (T1005) and stored data manipulation via modification (T1565.001) on GET/DELETE/RENAME/EXECUTE endpoints.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-31886Same product: Dagu Dagu
CVE-2026-31882Same product: Dagu Dagu
CVE-2026-33656Shared CWE-22
CVE-2026-26187Shared CWE-22
CVE-2025-61686Shared CWE-22
CVE-2025-66687Shared CWE-22
CVE-2025-26753Shared CWE-22
CVE-2025-44177Shared CWE-22
CVE-2023-42226Shared CWE-22
CVE-2026-39859Shared CWE-22

Affected Assets

dagu
dagu
2.0.0 — 2.3.1

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly validates untrusted filename inputs like {fileName} in API endpoints to block path traversal via %2F-encoded slashes.

prevent

Remediates the path traversal flaw by identifying and applying patches such as Dagu version 2.3.1.

prevent

Enforces access authorizations to limit low-privileged users from reading or modifying files outside the DAGs directory.

References