{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-16T21:26:53.942","vulnerabilities":[{"cve":{"id":"CVE-2026-28286","sourceIdentifier":"security-advisories@github.com","published":"2026-03-02T17:16:33.610","lastModified":"2026-03-05T15:16:02.397","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.5.2-beta3, the application enforces restrictions in the frontend/UI to prevent users from creating files or folders in internal OS paths. However, when interacting directly with the API, the restrictions are bypass-able. By sending a crafted request targeting paths like /etc, /usr, or other sensitive system directories, the API successfully creates files or directories in locations where normal users should have no write access. This indicates that the API does not properly validate the target path, allowing unauthorized operations on critical system directories. No known patch is publicly available."},{"lang":"es","value":"ZimaOS es una bifurcación de CasaOS, un sistema operativo para dispositivos Zima y sistemas x86-64 con UEFI. En la versión 1.5.2-beta3, la aplicación impone restricciones en el frontend/UI para evitar que los usuarios creen archivos o carpetas en rutas internas del sistema operativo. Sin embargo, al interactuar directamente con la API, las restricciones son eludibles. Al enviar una solicitud manipulada dirigida a rutas como /etc, /usr u otros directorios sensibles del sistema, la API crea con éxito archivos o directorios en ubicaciones donde los usuarios normales no deberían tener acceso de escritura. Esto indica que la API no valida correctamente la ruta de destino, permitiendo operaciones no autorizadas en directorios críticos del sistema. No hay ningún parche conocido disponible públicamente."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":8.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":6.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":6.0}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Primary","description":[{"lang":"en","value":"CWE-73"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zimaspace:zimaos:1.5.2:beta3:*:*:*:*:*:*","matchCriteriaId":"2DB5C60C-7888-4BE5-9FB2-AD34BFB45CAE"}]}]}],"references":[{"url":"https://github.com/IceWhaleTech/ZimaOS/security/advisories/GHSA-65mg-9gw5-vr7g","source":"security-advisories@github.com","tags":["Exploit","Mitigation","Vendor Advisory"]}]}}]}