High severity8.0NVD Advisory· Published Apr 13, 2022· Updated Jun 17, 2026
CVE-2022-28052
CVE-2022-28052
Description
Directory Traversal vulnerability in file cn/roothub/store/FileSystemStorageService in function store in Roothub 2.6.0 allows remote attackers with low privlege to arbitrarily upload files via /common/upload API, which could lead to remote arbitrary code execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: =2.6.0
Patches
Vulnerability mechanics
References
2- github.com/Hyperkopite/Roothub_vulns/blob/main/arbitrary%20file%20upload.mdnvdExploitThird Party Advisory
- github.com/miansen/Roothub/tree/v2.6nvdThird Party Advisory
News mentions
0No linked articles in our index yet.