CVE-2026-58192
Appium · Appium
A path traversal vulnerability in Appium allows unauthenticated remote attackers to perform unauthorized file operations via improper limitation of pathnames.
Executive summary
An unauthenticated path traversal vulnerability in Appium enables attackers to perform unauthorized file system operations, posing a high risk to system integrity.
Vulnerability
This vulnerability involves improper limitation of pathnames (CWE-22) and external control of file paths (CWE-73). An unauthenticated attacker can exploit this to traverse directories and interact with files outside of the intended storage directory, leading to unauthorized file access or manipulation.
Business impact
With a CVSS score of 8.6, this vulnerability represents a significant threat to the security of the automation environment. Unauthorized file access can lead to the compromise of sensitive configuration files, automation scripts, or application data, potentially allowing an attacker to escalate their impact within the environment.
Remediation
Immediate Action: Upgrade the Appium storage plugin to version 1.1.6 or later to enforce proper path validation and prevent traversal.
Proactive Monitoring: Monitor file access logs for unexpected read or write requests to sensitive system paths originating from the Appium service account.
Compensating Controls: Ensure the Appium service runs with the principle of least privilege, restricting its file system access to only the directories absolutely necessary for its function.
Exploitation status
Public Exploit Available: false
Analyst recommendation
Security teams must prioritize patching this vulnerability to prevent potential unauthorized file manipulation. Verify that all instances of the Appium storage plugin are updated to the latest version to mitigate the risk of directory traversal attacks.