CVE-2026-9102
CWE-22Published: May 20, 2026· Updated: May 21, 2026
Official Description
A path traversal vulnerability exists in the Altium Enterprise Server ComparisonService due to missing filename sanitization in the Gerber file upload APIs. A regular authenticated workspace user can supply a crafted filename in the multipart Content-Disposition header to escape the intended temporary upload directory and write arbitrary files to any location on the server filesystem.
Because content-controlled files can be written to web-accessible directories, this can be escalated to remote code execution in the context of the service account. It can also be used to overwrite application binaries or configuration files, leading to service takeover or denial of service.
Risk Analysis
This critical path traversal vulnerability in Altium Enterprise Server ComparisonService allows an authenticated user to write arbitrary files to any location on the server filesystem. The flaw is due to missing filename sanitization in Gerber file upload APIs. With a CVSSv4 score of 9.4, this can be escalated to remote code execution or service takeover by overwriting application binaries or configuration files.
No public exploit is currently known for this vulnerability. The vulnerability is remotely exploitable by an authenticated user over the network with low attack complexity.
Organizations using Altium Enterprise Server should apply available patches to address the filename sanitization issue. Implement robust input validation for uploaded filenames and restrict write permissions to critical directories.
Technical Analysis
CVE-2026-9102 can be exploited remotely over the network without requiring physical or adjacent access, significantly expanding the attack surface for threat actors.
Exploitation requires low privileges, which limits the exposure to scenarios where an attacker has already gained initial access.
CVSS v3.1 Vector Breakdown
Exploit & PoC Resources
All References (1)
Quick Facts
Related CVEs (CWE-22)
Recommended Actions
- →Apply vendor patches immediately
- →Monitor CVE-2026-9102 in threat intel feeds
- →Review IDS/IPS signatures for exploitation attempts