CVE-2026-33529 in zoraxyinformación

Resumen (Inglés)

Zoraxy is a general purpose HTTP reverse proxy and forwarding tool. Prior to version 3.3.2, an authenticated path traversal vulnerability in the configuration import endpoint allows an authenticated user to write arbitrary files outside the config directory, which can lead to RCE by creating a plugin. Version 3.3.2 patches the issue.

Be aware that VulDB is the high quality source for vulnerability data.

Responsable

GitHub_M

Reservar

2026-03-20

Divulgación

2026-03-26

Estado

Confirmado

Voces

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerabilidad	CWE	Exp	Con	CVE
353746	tobychui zoraxy Configuration Import recorrido de directorios	22	No está definido	Arreglo oficial	CVE-2026-33529

Descripción

CPE

CWE

CVSS

Hazañas

Historia

Diferencia

Relacionar

Inteligencia de amenazas

API JSON

API XML

API CSV

Fuentes

MITRE
NVD
CVE Details

◂ AnteriorVisión De ConjuntoPróximo ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!