CVE-2026-10074
Description
DreamMaker developed by Interinfo has an Arbitrary File Read vulnerability, allowing privileged local attackers to exploit Relative Path Traversal to download arbitrary system files.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A privileged local attacker can exploit a relative path traversal in DreamMaker Java Composer 2.2 and earlier to read arbitrary system files.
Vulnerability
DreamMaker by Interinfo, specifically the Java Composer version 2.2 and earlier, contains an arbitrary file read vulnerability due to improper handling of file paths. A privileged local attacker can exploit a relative path traversal to read arbitrary system files outside the intended directory [1][2].
Exploitation
An attacker must have local access with administrative privileges on the system where DreamMaker is installed. By crafting requests with relative path traversal sequences (e.g., ../), the attacker can navigate the filesystem and download files that should not be accessible [1][2].
Impact
Successful exploitation allows the attacker to read arbitrary system files, leading to disclosure of sensitive information such as configuration files, credentials, or other confidential data. The CVSS v3.1 score is 4.9 (Medium) with high confidentiality impact and no impact on integrity or availability [1][2].
Mitigation
The vendor recommends updating DreamMaker Java Composer to a version later than 2.2. The advisory indicates a fix is available, but the exact patched version is not specified in the provided references [1][2]. No workaround is documented, and the vulnerability is not listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
AI Insight generated on May 29, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
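The relative-path-traversal pattern the narrative above describes (user-controlled path segments such as ../ escaping the intended download directory) is normally closed by resolving the requested name against a fixed base directory and refusing anything that lands outside it. The Python below is an added illustration of that containment check written for this page; it is not DreamMaker's code, not the vendor's fix, and the base directory, request strings and function names are constructed for the example.

```python
import os
from typing import Optional
from urllib.parse import unquote

# Constructed placeholder for the directory a download handler is meant to serve from.
# It is not DreamMaker's real export path.
EXPORT_DIR = "/srv/dreammaker/export"


def resolve_download_path(base_dir: str, requested: str) -> Optional[str]:
    """Return the absolute path for `requested` if it stays inside base_dir, else None.

    The check is lexical (normpath + commonpath), so it works even when the
    directory does not exist on the machine running it; a production handler
    would additionally apply os.path.realpath to defeat symlinks.
    """
    base = os.path.abspath(base_dir)

    # Decode once so percent-encoded traversal ("..%2F") is judged on its real value.
    requested = unquote(requested)

    # Embedded NUL bytes truncate paths in many C-backed file APIs; never pass them on.
    if "\x00" in requested:
        return None

    # An absolute request would make os.path.join discard the base entirely.
    if os.path.isabs(requested) or requested.startswith("\\"):
        return None

    # Collapse "." and ".." segments so "reports/../../etc/shadow" becomes what it really points at.
    candidate = os.path.normpath(os.path.join(base, requested))

    # commonpath, not startswith: "/srv/x/export2" starts with "/srv/x/export" but is outside it.
    try:
        if os.path.commonpath([base, candidate]) != base:
            return None
    except ValueError:  # raised when the two paths share no root (different drives on Windows)
        return None
    return candidate


def classify_requests(base_dir: str, requests: list) -> dict:
    """Map each constructed request string to its resolved path, or None when refused."""
    return {req: resolve_download_path(base_dir, req) for req in requests}


# Constructed sample requests: two legitimate, the rest traversal or escape attempts.
SAMPLE_REQUESTS = [
    "reports/2026/summary.pdf",
    "./reports/notes.txt",
    "../../../etc/passwd",
    "reports/../../etc/shadow",
    "/etc/passwd",
    "..%2F..%2Fetc%2Fpasswd",
    "../export2/leak.txt",
    "report\x00.txt",
]

if __name__ == "__main__":
    for req, resolved in classify_requests(EXPORT_DIR, SAMPLE_REQUESTS).items():
        verdict = "ALLOW" if resolved else "REJECT"
        print(f"{verdict:6} {req!r} -> {resolved}")
```

Each rejected request is also a good candidate for a log entry carrying the raw string, since a privileged local user probing for traversal leaves exactly these patterns behind.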
Affected products: 1
Patches: 0
No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE: vulnerability mechanics are only generated when the actual fix diff can be read. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References: 2
News mentions: 0
No linked articles in our index yet.