CVE-2026-0522

Published: Apr 01, 2026 Last Modified: Apr 01, 2026
ExploitDB:
Other exploit source:
Google Dorks:
HIGH 7,4
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: low
User Interaction: none
Confidentiality: N/A
Integrity: N/A
Availability: N/A

Description

AI Translation Available

A local file inclusion vulnerability in the upload/download flow of the VertiGIS FM application allows authenticated attackers to read arbitrary files from the server by manipulating a file's path during its upload. When the file is subsequently downloaded, the file in the attacker controlled path is returned. Due to the application's ASP.NET architecture, this could potentially lead to remote code execution when the 'web.config' file is obtained. Furthermore, the application resolves UNC paths which may enable NTLM-relaying attacks.

This issue affects VertiGIS FM: 10.5.00119 (0d29d428).

610

Externally Controlled Reference to a Resource in Another Sphere

Draft
Abstraction: Class Structure: Simple
Common Consequences
Security Scopes Affected:
Confidentiality Integrity Access Control
Potential Impacts:
Read Application Data Modify Application Data Gain Privileges Or Assume Identity
Applicable Platforms
All platforms may be affected
View CWE Details
https://support.vertigis.com/hc/en-us/articles/312144331370…
https://support.vertigis.com/hc/en-us/articles/31214433137042-Security-Vulnerab…
https://www.redguard.ch/blog/2026/04/01/advisory-vertigis-v…
https://www.redguard.ch/blog/2026/04/01/advisory-vertigis-vertigisfm/