CVE-2026-30345 - Vulnerability Analysis
N/aLast Updated: March 18, 2026
CTFd - Path Traversal
Published: March 18, 2026Updated: March 18, 2026PoC Available
Overview
CTFd v3.8.1-18-gdb5a18c4 contains a path traversal caused by crafted import in Admin import functionality, letting attackers write arbitrary files outside intended directories, exploit requires no special privileges.
Severity & Score
Severity: N/a
Impact
Attackers can write arbitrary files outside intended directories, potentially leading to system compromise or data tampering.
Mitigation
Update to the latest version of CTFd.
References
Related Resources
Details
- CVE ID
- CVE-2026-30345
- Severity
- N/a
- Type
- path_traversal
- Status
- new
CVSS Metrics
N/A