PT-2026-50672 · Ubb Systems · Ubb.Threads
Kamil Szczurowski
+1
·
Published
2026-06-18
·
Updated
2026-06-18
·
CVE-2026-54223
CVSS v4.0
8.6
High
| Vector | AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
UBB.threads version 7.7.5
Description
Path traversal allows attackers with privileges to edit templates to read and write any file on the application server that the application has permissions to access. This can lead to Remote Code Execution, which is the ability to execute arbitrary commands on the target machine.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
RCE
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ubb.Threads