Security Advisory

CVE-2026-2692

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-02-19 02:02:06
Last updated 2026-02-24 01:45:15
Assigner VulDB
State PUBLISHED

Description

A vulnerability was found in CoCoTeaNet CyreneAdmin up to 1.3.0. This affects an unknown part of the file /api/system/user/getAvatar of the component Image Handler. Performing a manipulation of the argument Avatar results in path traversal. The attack can be initiated remotely. The exploit has been made public and could be used.