FreeScout has Zip Slip path traversal in module installation that...

9.1 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Description

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, FreeScout's module installation feature extracts ZIP archives without validating file paths, allowing an authenticated admin to write files arbitrarily on the server filesystem via a specially crafted ZIP. Version 1.8.215 fixes the vulnerability.

AI Analysis

Zip Slip path traversal vulnerability in FreeScout's module installation feature, allowing arbitrary file write and potentially leading to remote code execution

Basic Information

ID CVE-2026-41193

Source GitHub_M

Published Apr 21, 2026 at 17:15

Affected Product

Vendor freescout-help-desk

Product freescout

Version < 1.8.215

Affected Versions freescout-help-desk freescout < 1.8.215

CWE Classification

CWE-22

AI Assessment

AI Score 9.1 / 10

AI Severity Critical

Vendor FreeScout

Product FreeScout Help Desk

Version < 1.8.215

References

{
    "lastseen": "",
    "description": "FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, FreeScout's module installation feature extracts ZIP archives without validating file paths, allowing an authenticated admin to write files arbitrarily on the server filesystem via a specially crafted ZIP. Version 1.8.215 fixes the vulnerability.",
    "published": "2026-04-21T17:15:26.236Z",
    "modified": "2026-04-21T17:15:26.236Z",
    "type": "cve",
    "title": "FreeScout has Zip Slip path traversal in module installation that allows arbitrary file write leading to RCE",
    "source": "GitHub_M",
    "references": "https://github.com/freescout-help-desk/freescout/security/advisories/GHSA-r85m-5mc9-cc9w\nhttps://github.com/freescout-help-desk/freescout/commit/14f17a5cd22d217103a72b431b47b1f06996227b\nhttps://github.com/freescout-help-desk/freescout/releases/tag/1.8.215",
    "id": "CVE-2026-41193",
    "bulletinFamily": "",
    "cwe": [
        "CWE-22"
    ],
    "cvelist": null,
    "sourceData": "freescout-help-desk freescout < 1.8.215",
    "sourceHref": "",
    "cvss": {
        "score": 9.1,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "freescout",
    "version": "< 1.8.215",
    "vendor": "freescout-help-desk",
    "ai_description": "Zip Slip path traversal vulnerability in FreeScout's module installation feature, allowing arbitrary file write and potentially leading to remote code execution",
    "ai_severity": "Critical",
    "ai_vendor": "FreeScout",
    "ai_product": "FreeScout Help Desk",
    "ai_version": "< 1.8.215",
    "ai_score": 9.1
}

FreeScout has Zip Slip path traversal in module installation that allows arbitrary file write leading to RCE_CVE-2026-41193