
Description

Ghidra before 12.2 contains an unauthenticated path traversal vulnerability in the IsfServer, which accepts TCP connections and passes client-supplied namespace strings directly to filesystem operations without validation. Remote attackers can connect to port 54321 and send crafted protobuf messages containing traversal sequences to enumerate filesystem paths and probe arbitrary files.

PUBLISHED Reserved 2026-06-08 | Published 2026-06-10 | Updated 2026-06-10 | Assigner VulnCheck




MEDIUM: 6.3 (CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N)

MEDIUM: 4.8 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L)

Problem types

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Product status

Default status: unaffected

Any version before 12.2: affected

12.2 (custom): unaffected

Credits

Sean Nejad (@allsmog) reporter

References

github.com/...ghidra/security/advisories/GHSA-8pr2-46mf-v2r2 exploit

github.com/...ghidra/security/advisories/GHSA-8pr2-46mf-v2r2 (GitHub Security Advisory (GHSA-8pr2-46mf-v2r2)) vendor-advisory

www.vulncheck.com/...d-path-traversal-in-debugger-isf-server third-party-advisory

cve.org (CVE-2026-52756)

nvd.nist.gov (CVE-2026-52756)
