{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-4542","assignerOrgId":"1af790b2-7ee1-4545-860a-a788eba489b5","state":"PUBLISHED","assignerShortName":"VulDB","dateReserved":"2026-03-21T15:17:30.652Z","datePublished":"2026-03-22T08:35:10.929Z","dateUpdated":"2026-04-18T03:38:56.405Z"},"containers":{"cna":{"providerMetadata":{"orgId":"1af790b2-7ee1-4545-860a-a788eba489b5","shortName":"VulDB","dateUpdated":"2026-04-18T03:38:56.405Z"},"title":"SSCMS layerImage Endpoint LayerImageController.Submit.cs path traversal","problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-22","lang":"en","description":"Path Traversal"}]}],"affected":[{"vendor":"n/a","product":"SSCMS","versions":[{"version":"4.7.0","status":"affected"}],"cpes":["cpe:2.3:a:sscms:sscms:*:*:*:*:*:*:*:*"],"modules":["layerImage Endpoint"]}],"descriptions":[{"lang":"en","value":"A vulnerability has been found in SSCMS 4.7.0. The affected element is an unknown function of the file LayerImageController.Submit.cs of the component layerImage Endpoint. Such manipulation of the argument filePaths leads to path traversal. The attack may be performed from remote. The exploit has been disclosed to the public and may be used."}],"metrics":[{"cvssV4_0":{"version":"4.0","baseScore":5.3,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P","baseSeverity":"MEDIUM"}},{"cvssV3_1":{"version":"3.1","baseScore":5.4,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R","baseSeverity":"MEDIUM"}},{"cvssV3_0":{"version":"3.0","baseScore":5.4,"vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R","baseSeverity":"MEDIUM"}},{"cvssV2_0":{"version":"2.0","baseScore":5.5,"vectorString":"AV:N/AC:L/Au:S/C:N/I:P/A:P/E:POC/RL:ND/RC:UR"}}],"timeline":[{"time":"2026-03-21T00:00:00.000Z","lang":"en","value":"Advisory disclosed"},{"time":"2026-03-21T01:00:00.000Z","lang":"en","value":"VulDB entry created"},{"time":"2026-03-22T11:28:01.000Z","lang":"en","value":"VulDB entry last update"}],"credits":[{"lang":"en","value":"Saul1213 (VulDB User)","type":"reporter"}],"references":[{"url":"https://vuldb.com/vuln/352359","name":"VDB-352359 | SSCMS layerImage Endpoint LayerImageController.Submit.cs path traversal","tags":["vdb-entry","technical-description"]},{"url":"https://vuldb.com/vuln/352359/cti","name":"VDB-352359 | CTI Indicators (IOB, IOC, TTP, IOA)","tags":["signature","permissions-required"]},{"url":"https://vuldb.com/submit/774689","name":"Submit #774689 | SSCMS V4.7.0 SSCMS  Arbitrary File Deletion","tags":["third-party-advisory"]},{"url":"https://www.yuque.com/la12138/pa2fpb/vlyutc51eb7vhwaz?singleDoc","tags":["exploit"]}]},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2026-03-23T16:21:37.574176Z","id":"CVE-2026-4542","options":[{"Exploitation":"poc"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-03-23T16:39:46.684Z"}}]}}