PT-2026-39428 · Industrial Application · Canias Erp

B1Lal

Published

2026-05-10

Updated

2026-06-17

CVE-2026-8215

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Industrial Application Software IAS Canias ERP version 8.03

Description A path traversal issue exists in the RMI Interface component. A remote attacker can exploit this by manipulating the m strSourceFileName argument within the iasRequestFileEvent() function. Path traversal is a technique that allows an attacker to access files and directories that are stored outside the intended folder by using special character sequences.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, restrict access to the RMI Interface component or the iasRequestFileEvent() function to minimize the risk of exploitation.

Exploit

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-22

Related Identifiers

CVE-2026-8215

Affected Products

Canias Erp

PT-2026-39428 · Industrial Application · Canias Erp

CVE-2026-8215

Weakness Enumeration

Related Identifiers

Affected Products

References · 9