CVE-2026-31817
OliveTin's unsafe parsing of UniqueTrackingId can be used to write files
CVSS Score
8.5
EPSS Score
0.0%
EPSS Percentile
0th
OliveTin gives access to predefined shell commands from a web interface. Prior to 3000.11.2, when the saveLogs feature is enabled, OliveTin persists execution log entries to disk. The filename used for these log files is constructed in part from the user-supplied UniqueTrackingId field in the StartAction API request. This value is not validated or sanitized before being used in a file path, allowing an attacker to use directory traversal sequences (e.g., ../../../) to write files to arbitrary locations on the filesystem. This vulnerability is fixed in 3000.11.2.
| CWE | CWE-22 |
| Vendor | olivetin |
| Product | olivetin |
| Published | Mar 10, 2026 |
| Last Updated | Mar 11, 2026 |
Stay Ahead of the Next One
Get instant alerts for olivetin olivetin
Be the first to know when new high vulnerabilities affecting olivetin olivetin are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:L Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
None
Integrity
High
Availability
Low
Affected Versions
OliveTin / OliveTin
< 3000.11.2