CVE-2026-58192

Appium · Appium

A path traversal vulnerability in Appium allows unauthenticated remote attackers to perform unauthorized file operations via improper limitation of pathnames.

Executive summary

An unauthenticated path traversal vulnerability in Appium enables attackers to perform unauthorized file system operations, posing a high risk to system integrity.

Vulnerability

This vulnerability involves improper limitation of pathnames (CWE-22) and external control of file paths (CWE-73). An unauthenticated attacker can exploit this to traverse directories and interact with files outside of the intended storage directory, leading to unauthorized file access or manipulation.

Business impact

With a CVSS score of 8.6, this vulnerability represents a significant threat to the security of the automation environment. Unauthorized file access can lead to the compromise of sensitive configuration files, automation scripts, or application data, potentially allowing an attacker to escalate their impact within the environment.

Remediation

Immediate Action: Upgrade the Appium storage plugin to version 1.1.6 or later to enforce proper path validation and prevent traversal.

Proactive Monitoring: Monitor file access logs for unexpected read or write requests to sensitive system paths originating from the Appium service account.

Compensating Controls: Ensure the Appium service runs with the principle of least privilege, restricting its file system access to only the directories absolutely necessary for its function.

Exploitation status

Public Exploit Available: false

Analyst recommendation

Security teams must prioritize patching this vulnerability to prevent potential unauthorized file manipulation. Verify that all instances of the Appium storage plugin are updated to the latest version to mitigate the risk of directory traversal attacks.