CVE-2026-6568
Published: 19 April 2026
Summary
CVE-2026-6568 is a medium-severity Path Traversal (CWE-22) vulnerability in Wetolink (inferred from references). Its CVSS base score is 6.9 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE is ranked at the 32.0th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2026-6568 is a path traversal vulnerability (CWE-22) affecting kodcloud KodExplorer versions up to 4.52. The issue resides in the Public Share Handler component, specifically the initShareOld function within the file /app/controller/share.class.php, where manipulation of the 'path' argument enables attackers to traverse directories outside the intended scope.
The vulnerability is remotely exploitable with low complexity, requiring no privileges or user interaction, as reflected in its CVSS v3.1 base score of 7.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L). Any unauthenticated remote attacker can initiate the exploit to achieve limited impacts on confidentiality, integrity, and availability, such as reading, modifying, or disrupting access to files beyond the application's share directory boundaries.
VulDB advisories, including those at the provided references, confirm the exploit has been publicly disclosed and may be utilized. The vendor was contacted early regarding the issue but provided no response, leaving no official patches or mitigation guidance available.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-23694
Vulnerability details
A vulnerability was determined in kodcloud KodExplorer up to 4.52. This affects the function share.class.php::initShareOld of the file /app/controller/share.class.php of the component Public Share Handler. This manipulation of the argument path causes path traversal. The attack can be initiated remotely.
The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Path traversal vulnerability in public-facing web app (KodExplorer share handler) allows remote unauthenticated exploitation for file access outside intended boundaries, directly mapping to T1190.
Mitigating Controls
Mitigating Controls (NIST 800-53 r5)
Directly requires validation of the manipulated 'path' argument in the public share handler to block directory traversal sequences like '../'.
Enforces logical access controls to restrict file operations outside the intended share directory boundaries despite path manipulation.
Mandates identification, prioritization, and remediation of the specific path traversal flaw in KodExplorer's initShareOld function.
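The input-validation and boundary-enforcement controls above can be combined into one containment check. The following is an added example, not KodExplorer's code: the function name resolveSharePath, the demo directory names and the sample inputs are all hypothetical and constructed for illustration.

```php
<?php
// Hypothetical helper (not KodExplorer code): resolve a user-supplied 'path'
// against a share root and fail closed if the result leaves that root.
function resolveSharePath(string $shareRoot, string $userPath): ?string
{
    $root = realpath($shareRoot);               // canonical form of the root
    if ($root === false || !is_dir($root)) {
        return null;
    }
    if (strpos($userPath, "\0") !== false) {    // NUL bytes never belong in a path
        return null;
    }
    // Treat '\' as a separator too, so '..\..' is handled like '../..'.
    $relative = ltrim(str_replace('\\', '/', $userPath), '/');

    // realpath() collapses '.', '..' and symlinks; false means "does not exist".
    $resolved = realpath($root . '/' . $relative);
    if ($resolved === false) {
        return null;
    }
    // Compare against the root plus a trailing separator, so a sibling such
    // as "share-private" cannot pass as being inside "share".
    $prefix = rtrim($root, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if ($resolved !== $root && strncmp($resolved, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $resolved;
}

// Constructed demo tree under the system temp directory.
$base = sys_get_temp_dir() . '/share_demo_' . bin2hex(random_bytes(4));
mkdir("$base/share/docs", 0700, true);
mkdir("$base/share-private", 0700, true);
file_put_contents("$base/share/docs/report.txt", "public");
file_put_contents("$base/share-private/secret.txt", "private");

$cases = [                                      // constructed sample inputs
    'docs/report.txt',
    '../share-private/secret.txt',
    'docs/../../share-private/secret.txt',
    '..\\share-private\\secret.txt',
    "docs/report.txt\0.jpg",
    'docs/missing.txt',
];
foreach ($cases as $path) {
    $ok = resolveSharePath("$base/share", $path) !== null;
    printf("%-40s => %s\n", addcslashes($path, "\0..\37"), $ok ? 'allowed' : 'REJECTED');
}
```

The check is made on the canonical path after resolution rather than by searching the input for '../', so it also covers backslash separators, symlinks inside the share and sibling directories that share the root's name as a prefix.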