CVE-2026-53476
CriticalCVSS 9.6Exploitation Probability (EPSS)
Low risk21th percentile — higher than 21% of all known CVEs
Summary
A flaw was found in assisted-migration-agent that allows an unauthenticated attacker on the same local area network to exploit a path traversal vulnerability. By crafting a specially designed gzipped tarball, the attacker can bypass security checks and write arbitrary files to the system.
Risk Assessment
This vulnerability could lead to the execution of unauthorized code on the appliance, posing a serious threat to the security of the system and the organization's data.
Recommendation
It is recommended to update the assisted-migration-agent to the latest version and implement appropriate security measures to restrict access to the local area network.
Original NVD description (English source)
A flaw was found in assisted-migration-agent. An unauthenticated attacker, located on the same local area network (LAN), can exploit a path traversal vulnerability. By crafting a specially designed gzipped tarball, the attacker can bypass security checks and write arbitrary files to the system. This could ultimately lead to the execution of unauthorized code on the appliance.

