CVE-2026-40547

NONE

Description

SOPlanning is vulnerable to Path Traversal in backup endpoints. Authenticated remote attacker is able to exploit a vulnerable endpoint and construct payloads that allow reading and executing files previously added through the backup functionality. Critically, due to CVE-2026-40543 (Missing Authorization), any backup file can be read by any (unauthorized) user.

This issue affects SOPlanning version 1.55 and below.

Affected routers (0)

No routers currently mapped to this CVE in our database.

External references

• NIST NVD
• MITRE CVE