This path traversal vulnerability impacts the Public Share Handler component of kodcloud KodExplorer. Remote attackers can manipulate the path argument to access arbitrary files outside of the intended restricted directory on the affected server. The exploit has been publicly disclosed, and the vendor has not responded to the disclosure.
Remediation
Restrict access to the public share functionality of KodExplorer to only trusted users until an official patch is released. Check the official kodcloud KodExplorer repository for security updates and upgrade to the latest patched version as soon as it becomes available. Implement WAF rules to block malicious path traversal attempts as a temporary mitigation.
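To support the temporary WAF mitigation, the following added example (not from the advisory or the vendor) scans web access logs for traversal attempts in the `path` argument, including encoded and backslash variants. The combined-log line format, the `SHARE_HANDLER_PLACEHOLDER` endpoint and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

MAX_DECODE_ROUNDS = 3  # assumption: enough to unwrap double/triple encoding
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def fully_decode(value):
    """Percent-decode repeatedly so %252e%252e is seen as '..'."""
    for _ in range(MAX_DECODE_ROUNDS):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def is_traversal(value):
    """True if any path segment is '..' after decoding, or a NUL byte is present."""
    norm = fully_decode(value).replace("\\", "/")
    return ".." in norm.split("/") or "\x00" in norm

def suspicious_requests(log_lines, param="path"):
    """Return the log lines whose `param` query argument attempts traversal."""
    hits = []
    for line in log_lines:
        match = REQUEST_RE.search(line)
        if not match:
            continue
        query = urlsplit(match.group(1)).query
        # parse_qsl performs the first decoding round, as query parsing would
        if any(k == param and is_traversal(v)
               for k, v in parse_qsl(query, keep_blank_values=True)):
            hits.append(line)
    return hits

# Constructed sample lines; the endpoint name is a placeholder, not the real route
SAMPLE_LOG = [
    '203.0.113.5 - - [01/Jan/2025:10:00:00 +0000] "GET /SHARE_HANDLER_PLACEHOLDER?sid=abc&path=docs/report.pdf HTTP/1.1" 200 512',
    '203.0.113.9 - - [01/Jan/2025:10:00:05 +0000] "GET /SHARE_HANDLER_PLACEHOLDER?sid=abc&path=../../outside.txt HTTP/1.1" 200 64',
    '203.0.113.9 - - [01/Jan/2025:10:00:06 +0000] "GET /SHARE_HANDLER_PLACEHOLDER?sid=abc&path=%252e%252e%252foutside.txt HTTP/1.1" 200 64',
    '203.0.113.9 - - [01/Jan/2025:10:00:07 +0000] "GET /SHARE_HANDLER_PLACEHOLDER?sid=abc&path=..%5C..%5Coutside.txt HTTP/1.1" 200 64',
    '203.0.113.5 - - [01/Jan/2025:10:00:09 +0000] "GET /SHARE_HANDLER_PLACEHOLDER?sid=abc&path=notes/v1..2.txt HTTP/1.1" 200 128',
]

if __name__ == "__main__":
    for hit in suspicious_requests(SAMPLE_LOG):
        print("ALERT", hit)
```

Matching on whole `..` segments rather than the substring keeps file names such as `v1..2.txt` from raising alerts. Parameters sent in a request body do not appear in access logs and need inspection at the WAF or application layer.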
Exploit info
This exploit has been publicly disclosed, with references to this issue documented in trusted public vulnerability databases. Potential exploit details can be searched in Exploit-DB or GitHub.