
Description

Path traversal and content injection in JobRunnerBackground.aspx in DynamicWeb 8 (all) and 9 (<9.19.7 and <9.20.3) allows unauthenticated attackers to execute code via simple web requests

PUBLISHED Reserved 2026-02-19 | Published 2026-02-19 | Updated 2026-02-19 | Assigner NCSC-FI




CRITICAL: 10.0 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Problem types

CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Product status

Default status: unknown

8: affected
9 (custom) before 9.19.7: affected
9.20.0 (custom) before 9.20.3: affected
9.21.0: unaffected
10: unaffected

Timeline

2026-01-15: Vulnerability reported to vendor.
2026-01-15: Vendor confirmed the vulnerability.
2026-01-18: Vendor released a fix version of the product and published security advisory.

Credits

Jonas Vestberg, Reversec Sweden AB (finder)

References

doc.dynamicweb.dev/...tals/dw10release/security-reports.html

cve.org (CVE-2026-2731)

nvd.nist.gov (CVE-2026-2731)
