CVE Catalog

CVE-2026-53476

CriticalCVSS 9.6
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.29%

21th percentile — higher than 21% of all known CVEs

Summary

A flaw was found in assisted-migration-agent that allows an unauthenticated attacker on the same local area network to exploit a path traversal vulnerability. By crafting a specially designed gzipped tarball, the attacker can bypass security checks and write arbitrary files to the system.

Risk Assessment

This vulnerability could lead to the execution of unauthorized code on the appliance, posing a serious threat to the security of the system and the organization's data.

Recommendation

It is recommended to update the assisted-migration-agent to the latest version and implement appropriate security measures to restrict access to the local area network.

Original NVD description (English source)

A flaw was found in assisted-migration-agent. An unauthenticated attacker, located on the same local area network (LAN), can exploit a path traversal vulnerability. By crafting a specially designed gzipped tarball, the attacker can bypass security checks and write arbitrary files to the system. This could ultimately lead to the execution of unauthorized code on the appliance.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS