CRITICAL · CVE-2026-25785 · CVSS 9.8

CVE-2026-25785: Path Traversal in Lanscope Endpoint Manager

Platform: other

Component: lanscope-endpoint-manager-on-premises-sub-manager-server

Fixed in: 9.4.8

AI Confidence: high · NVD · EPSS 0.1% · Reviewed: May 2026

A critical path traversal vulnerability (CVE-2026-25785) has been identified in Lanscope Endpoint Manager (On-Premises) Sub-Manager Server. This flaw allows attackers to potentially tamper with arbitrary files and execute arbitrary code on the affected system, leading to severe compromise. The vulnerability impacts versions of the Sub-Manager Server up to and including 9.4.7.3. A patch is expected to be released by the vendor.

Impact and Attack Scenarios

The path traversal vulnerability in Lanscope Endpoint Manager allows an attacker to bypass intended access controls and manipulate files on the server. Successful exploitation could lead to complete system compromise, including data exfiltration, malware installation, and denial of service. An attacker could potentially modify configuration files, inject malicious code into legitimate processes, or gain persistent access to the network. The ability to execute arbitrary code significantly expands the attack surface and increases the potential for lateral movement within the environment. This vulnerability shares similarities with other path traversal exploits where attackers leverage improperly validated user input to navigate outside of intended directories.

Exploitation Context

CVE-2026-25785 was publicly disclosed on 2026-02-25. The EPSS score is pending evaluation. No public proof-of-concept exploits are currently known. Monitor CISA advisories and Lanscope's security bulletins for updates and potential exploitation campaigns.

Threat Intelligence

Exploit Status

Proof of Concept: Unknown
CISA KEV: NO
Internet Exposure: High
Reports: 4 threat reports

EPSS

0.12% (31% percentile)

CISA SSVC

Exploitation: none
Automatable: yes
Technical Impact: total

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 CRITICAL (nextguardhq.com · CVSS v3.1 Base Score)

Attack Vector: Network (how the attacker reaches the target)
Attack Complexity: Low (conditions required to exploit)
Privileges Required: None (authentication level needed to attack)
User Interaction: None (whether a victim must take action)
Scope: Unchanged (impact beyond the vulnerable component)
Confidentiality: High (risk of sensitive data exposure)
Integrity: High (risk of unauthorized data modification)
Availability: High (risk of service disruption)

What do these metrics mean?
Attack Vector: Network — remotely exploitable over the internet. No physical or local access required. Widest attack surface.
Attack Complexity: Low — no special conditions required. Attacker can exploit reliably without depending on rare configurations or timing.
Privileges Required: None — unauthenticated. No login or credentials needed to exploit.
User Interaction: None — attack is automatic and silent. Victim does nothing: no click, no file open.
Scope: Unchanged — impact is limited to the vulnerable component itself.
Confidentiality: High — complete confidentiality loss. Attacker can read all data: credentials, keys, personal data.
Integrity: High — attacker can write, modify, or delete any data: databases, config files, or code.
Availability: High — complete crash or resource exhaustion. Full denial of service.

Affected Software

Component: lanscope-endpoint-manager-on-premises-sub-manager-server
Vendor: MOTEX Inc.
Affected range: Ver.9.4.7.3 and earlier
Fixed in: 9.4.8

Weakness Classification (CWE)

Timeline

  1. Reserved
  2. Published
  3. EPSS updated
Unpatched — 88 days since disclosure

Mitigation and Workarounds

Due to the lack of a currently available patch, immediate mitigation strategies are crucial. Implement strict access controls to limit user privileges and restrict file system access. Consider using a Web Application Firewall (WAF) to filter requests and block attempts to traverse directories. Monitor system logs for suspicious activity, particularly attempts to access unusual file paths. While a direct fix is pending, carefully review Lanscope Endpoint Manager's configuration and ensure that all unnecessary services and ports are disabled. After a patch is released, promptly apply it and verify its effectiveness by attempting to reproduce the vulnerability in a test environment.

How to fix

Update Lanscope Endpoint Manager (On-Premises) Sub-Manager Server to a version later than 9.4.7.3. Consult the vendor website (MOTEX Inc.) for the latest version and update instructions.

Frequently asked questions

What is CVE-2026-25785 — Path Traversal in Lanscope Endpoint Manager?

CVE-2026-25785 is a critical path traversal vulnerability in Lanscope Endpoint Manager (On-Premises) Sub-Manager Server versions up to 9.4.7.3, allowing attackers to manipulate files and potentially execute code.

Am I affected by CVE-2026-25785 in Lanscope Endpoint Manager?

You are affected if you are using Lanscope Endpoint Manager (On-Premises) Sub-Manager Server version 9.4.7.3 or earlier.

How do I fix CVE-2026-25785 in Lanscope Endpoint Manager?

Apply the vendor-provided patch as soon as it becomes available. Until then, implement mitigation strategies like access controls and WAF rules.

Is CVE-2026-25785 being actively exploited?

Currently, no public proof-of-concept exploits are known, but active exploitation is possible. Monitor security advisories and system logs.

Where can I find the official Lanscope advisory for CVE-2026-25785?

Refer to Lanscope's official security bulletins and website for the latest information and advisory regarding CVE-2026-25785.
