CVE 8.7 HIGH

Gotac｜Statistics Database System – Arbitrary File Read_CVE-2026-1022

January 15, 2026 invoker category_cve

8.7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Description

Statistics Database System developed by Gotac has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files.

AI Analysis

Arbitrary File Read vulnerability in Statistics Database System, allowing unauthenticated remote attackers to download arbitrary system files via Relative Path Traversal

Basic Information

ID CVE-2026-1022

Source twcert

Published Jan 16, 2026 at 03:33

Affected Product

Vendor Gotac

Product Statistics Database System

Affected Versions Gotac Statistics Database System 0

CWE Classification

CWE-23

AI Assessment

AI Score 8.7 / 10

AI Severity High

Vendor Gotac

Product Statistics Database System

References

{
    "lastseen": "",
    "description": "Statistics Database System developed by Gotac has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files.",
    "published": "2026-01-16T03:33:46.923Z",
    "modified": "2026-01-16T03:33:46.923Z",
    "type": "cve",
    "title": "Gotac\uff5cStatistics Database System - Arbitrary File Read",
    "source": "twcert",
    "references": "https://www.twcert.org.tw/tw/cp-132-10639-813ad-1.html\nhttps://www.twcert.org.tw/en/cp-139-10640-0fd0b-2.html",
    "id": "CVE-2026-1022",
    "bulletinFamily": "",
    "cwe": [
        "CWE-23"
    ],
    "cvelist": null,
    "sourceData": "Gotac Statistics Database System 0",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Statistics Database System",
    "version": "0",
    "vendor": "Gotac",
    "ai_description": "Arbitrary File Read vulnerability in Statistics Database System, allowing unauthenticated remote attackers to download arbitrary system files via Relative Path Traversal",
    "ai_severity": "High",
    "ai_vendor": "Gotac",
    "ai_product": "Statistics Database System",
    "ai_version": "0",
    "ai_score": 8.7
}

💭 Join the Security Discussion ❌ Cancel Reply