Path Traversal in Kenik cameras_CVE-2026-7766

8.3 / 10

HIGH

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N

Description

Kenik Camera management Panel is vulnerable to Path Traversal vulnerability. An unauthenticated attacker can send GET request with arbitrary file path and read corresponding files located on the server.

The issue was fixed in version 2026-04-23 of the KG-5260xxxx-IL-(G)2 cameras.
Rest of the products were fixed in version 2025-04-21.

Basic Information

ID CVE-2026-7766

Source CERT-PL

Published May 25, 2026 at 11:16

Affected Product

Vendor Kenik

Product KG-5230TAS-IL-3

Affected Versions Kenik KG-5230TAS-IL-3 0
Kenik KG-5230TAS-IL-G3 0
Kenik KG-5230DAS-IL-G3 0
Kenik KG-5260TZAS-IL-3 0
Kenik KG-5260DZAS-IL-3 0
Kenik KG-5260TZAS-IL-G3 0
Kenik KG-5260DZAS-IL-G3 0
Kenik KG-5260xxxx-IL-(G)2 0

CWE Classification

CWE-22

References

cert.pl /posts/2026/05/CVE-2026-7766

{
    "lastseen": "",
    "description": "Kenik Camera management Panel is vulnerable to Path Traversal vulnerability. An unauthenticated attacker can send GET request with arbitrary file path and read corresponding files located on the server.\n\nThe issue was fixed in version 2026-04-23 of the\u00a0KG-5260xxxx-IL-(G)2 cameras.\nRest of the products were fixed in version\u00a02025-04-21.",
    "published": "2026-05-25T11:16:22.837Z",
    "modified": "2026-05-25T11:16:22.837Z",
    "type": "cve",
    "title": "Path Traversal in Kenik cameras",
    "source": "CERT-PL",
    "references": "https://cert.pl/posts/2026/05/CVE-2026-7766",
    "id": "CVE-2026-7766",
    "bulletinFamily": "",
    "cwe": [
        "CWE-22"
    ],
    "cvelist": null,
    "sourceData": "Kenik KG-5230TAS-IL-3 0\nKenik KG-5230TAS-IL-G3 0\nKenik KG-5230DAS-IL-G3 0\nKenik KG-5260TZAS-IL-3 0\nKenik KG-5260DZAS-IL-3 0\nKenik KG-5260TZAS-IL-G3 0\nKenik KG-5260DZAS-IL-G3 0\nKenik KG-5260xxxx-IL-(G)2 0",
    "sourceHref": "",
    "cvss": {
        "score": 8.3,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "KG-5230TAS-IL-3",
    "version": "0",
    "vendor": "Kenik",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}