Platform
other
Component
lanscope-endpoint-manager-on-premises-sub-manager-server
Fixed in
9.4.8
A critical path traversal vulnerability (CVE-2026-25785) has been identified in Lanscope Endpoint Manager (On-Premises) Sub-Manager Server. This flaw allows attackers to potentially tamper with arbitrary files and execute arbitrary code on the affected system, leading to severe compromise. The vulnerability impacts versions of the Sub-Manager Server up to and including 9.4.7.3. A patch is expected to be released by the vendor.
The path traversal vulnerability in Lanscope Endpoint Manager allows an attacker to bypass intended access controls and manipulate files on the server. Successful exploitation could lead to complete system compromise, including data exfiltration, malware installation, and denial of service. An attacker could potentially modify configuration files, inject malicious code into legitimate processes, or gain persistent access to the network. The ability to execute arbitrary code significantly expands the attack surface and increases the potential for lateral movement within the environment. This vulnerability shares similarities with other path traversal exploits where attackers leverage improperly validated user input to navigate outside of intended directories.
CVE-2026-25785 was publicly disclosed on 2026-02-25. The EPSS score is pending evaluation. No public proof-of-concept exploits are currently known. Monitor CISA advisories and Lanscope's security bulletins for updates and potential exploitation campaigns.
Exploit Status
EPSS
0.12% (31% percentile)
CISA SSVC
CVSS Vector
Due to the lack of a currently available patch, immediate mitigation strategies are crucial. Implement strict access controls to limit user privileges and restrict file system access. Consider using a Web Application Firewall (WAF) to filter requests and block attempts to traverse directories. Monitor system logs for suspicious activity, particularly attempts to access unusual file paths. While a direct fix is pending, carefully review Lanscope Endpoint Manager's configuration and ensure that all unnecessary services and ports are disabled. After a patch is released, promptly apply it and verify its effectiveness by attempting to reproduce the vulnerability in a test environment.
Update Lanscope Endpoint Manager (On-Premises) Sub-Manager Server to a version later than 9.4.7.3. Consult the vendor website (MOTEX Inc.) for the latest version and update instructions.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2026-25785 is a critical path traversal vulnerability in Lanscope Endpoint Manager (On-Premises) Sub-Manager Server versions up to 9.4.7.3, allowing attackers to manipulate files and potentially execute code.
You are affected if you are using Lanscope Endpoint Manager (On-Premises) Sub-Manager Server version 9.4.7.3 or earlier.
Apply the vendor-provided patch as soon as it becomes available. Until then, implement mitigation strategies like access controls and WAF rules.
Currently, no public proof-of-concept exploits are known, but active exploitation is possible. Monitor security advisories and system logs.
Refer to Lanscope's official security bulletins and website for the latest information and advisory regarding CVE-2026-25785.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.