Platform
nodejs
Component
oneuptime
Fixed in
10.0.22
CVE-2026-30958 describes a Path Traversal vulnerability discovered in OneUptime, a solution for monitoring and managing online services. This vulnerability allows unauthenticated attackers to read arbitrary files from the server's filesystem. The issue affects versions of OneUptime prior to 10.0.21 and has been resolved in version 10.0.21.
The primary impact of CVE-2026-30958 is the potential for unauthorized access to sensitive data stored on the OneUptime server. An attacker exploiting this vulnerability could read configuration files, database credentials, source code, or any other file accessible to the web server process. This could lead to complete system compromise, data breaches, and further malicious activity. The lack of authentication for the vulnerable endpoint significantly broadens the attack surface, making exploitation relatively straightforward.
CVE-2026-30958 was publicly disclosed on 2026-03-10. No public exploit is currently known; the listed EPSS score is 0.14% (35th percentile). Because the endpoint requires no authentication, exploitation is simple once the vulnerable path handling is known, so the low score should not be read as a reason to defer patching. The vulnerability is not currently listed in the CISA KEV catalog.
Organizations running OneUptime versions prior to 10.0.21 are at risk. Deployments where OneUptime shares a host with other applications are especially exposed: the file read runs with the privileges of the web server process, so configuration files or credentials belonging to other services on that host may also be readable, giving an attacker a path to lateral movement.
• nodejs / server (search log contents, not file names, for requests to the vulnerable endpoint; adjust the directory to wherever OneUptime or your reverse proxy writes access logs):
  find /var/log/oneuptime -type f -name '*.log' -exec grep -iH '/workflow/docs/' {} +
• generic web (send the path unmodified; without --path-as-is curl collapses the ../ segments before the request leaves the client):
  curl -i --path-as-is 'http://<oneuptime_ip>/workflow/docs/../../../../etc/passwd'  # a vulnerable instance returns file contents, a patched one denies the request
Exploit status
EPSS
0.14% (35th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2026-30958 is to upgrade OneUptime to version 10.0.21 or later immediately. If upgrading is not immediately feasible, add a Web Application Firewall (WAF) rule for the /workflow/docs/:componentName endpoint that rejects componentName values containing path separators or ".." sequences in raw or percent-encoded form; blocking the endpoint outright is simpler but removes the workflow documentation feature. In addition, restrict network access to the OneUptime server to trusted networks, run the service as a low-privileged user with strict file system permissions so that an arbitrary file read exposes as little as possible, and review the configuration so that secrets are not kept in files readable by the web server process. After upgrading, confirm the fix by requesting /workflow/docs/ with a crafted componentName (for example a value containing ../ sequences). Send the path unmodified: many HTTP clients collapse ../ segments before sending, so curl needs --path-as-is. The request should be denied.
Update OneUptime to version 10.0.21 or later. This version fixes the path traversal vulnerability that allows arbitrary files to be read without authentication. The update can be performed through the OneUptime admin panel or according to the update instructions provided by the vendor.
CVE-2026-30958 is a Path Traversal vulnerability affecting OneUptime versions before 10.0.21. It allows unauthenticated attackers to read arbitrary files from the server's filesystem.
Yes, if you are running a OneUptime version earlier than 10.0.21, you are vulnerable to this path traversal vulnerability.
Upgrade OneUptime to version 10.0.21 or later to resolve this vulnerability. Consider WAF rules as a temporary mitigation.
Currently, there are no confirmed reports of active exploitation, but the vulnerability's ease of exploitation suggests potential for future attacks.
Refer to the OneUptime official security advisory for detailed information and updates regarding CVE-2026-30958.