CVE-2026-3188 is a path traversal vulnerability identified in the feiyuchuixue sz-boot-parent software component, specifically affecting versions up to 1.3.2-beta. The vulnerability resides in the API endpoint /api/admin/common/download/templates, where the templateName parameter is insufficiently validated. An attacker can manipulate this parameter to traverse the file system directory structure, potentially accessing sensitive files outside the intended directory scope. This type of vulnerability arises when user input is not properly sanitized, allowing directory traversal sequences (e.g., ../) to access restricted files. The vulnerability is remotely exploitable without requiring authentication or user interaction, making it accessible to unauthenticated attackers over the network. The vendor has released a patch in version 1.3.3-beta that introduces path validity checks to ensure that the templateName parameter cannot be used to access unauthorized paths. The patch is identified by commit aefaabfd7527188bfba3c8c9eee17c316d094802. While no active exploitation has been observed in the wild, a public exploit is available, increasing the risk of attacks. The CVSS 4.0 base score is 5.3, reflecting medium severity due to the ease of exploitation and potential confidentiality impact, but limited integrity and availability impact. The vulnerability does not require privileges or user interaction, and the scope is limited to the affected component. Organizations using the vulnerable versions should prioritize upgrading to the fixed version to prevent unauthorized file access and potential data leakage.

The primary impact of this vulnerability is unauthorized disclosure of sensitive files on affected systems. Attackers exploiting this flaw can read arbitrary files accessible to the application process, potentially exposing configuration files, credentials, or other sensitive data. This can lead to further compromise if attackers gain information to escalate privileges or move laterally within the network. Although the vulnerability does not directly affect system integrity or availability, the confidentiality breach can have significant consequences, including data leaks, intellectual property theft, or exposure of internal system details. Since the vulnerability is remotely exploitable without authentication, it poses a risk to any exposed instances of the vulnerable software, especially in internet-facing environments. Organizations relying on feiyuchuixue sz-boot-parent 1.3.2-beta or earlier versions may face increased risk of targeted attacks or opportunistic scanning. The availability of a public exploit increases the likelihood of exploitation attempts. The impact is particularly critical for organizations handling sensitive or regulated data, as unauthorized file access could violate compliance requirements and damage reputation.

To mitigate this vulnerability, organizations should upgrade the feiyuchuixue sz-boot-parent component to version 1.3.3-beta or later, which contains the official patch implementing path validity checks on the templateName parameter. If immediate upgrade is not feasible, organizations should implement strict input validation and sanitization on the templateName parameter to prevent directory traversal sequences. Deploying web application firewalls (WAFs) with rules to detect and block path traversal attempts targeting the /api/admin/common/download/templates endpoint can provide temporary protection. Restricting network access to the vulnerable API endpoint through segmentation or firewall rules can reduce exposure. Additionally, monitoring logs for suspicious requests containing directory traversal patterns can help detect exploitation attempts early. Regularly auditing file permissions and ensuring the application runs with the least privilege necessary will limit the impact of any successful exploit. Finally, organizations should stay informed about updates from the vendor and apply security patches promptly to maintain protection.