Vulnerability Details CVE-2026-0805
An input neutralization vulnerability in the Backup Configuration component of Crafty Controller allows a remote, authenticated attacker to perform file tampering and remote code execution via path traversal.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 10.9%
CVSS Severity
CVSS v3 Score 8.2
Products affected by CVE-2026-0805
-
cpe:2.3:a:craftycontrol:crafty_controller:4.5.0
-
cpe:2.3:a:craftycontrol:crafty_controller:4.5.1
-
cpe:2.3:a:craftycontrol:crafty_controller:4.5.2
-
cpe:2.3:a:craftycontrol:crafty_controller:4.5.3
-
cpe:2.3:a:craftycontrol:crafty_controller:4.5.4
-
cpe:2.3:a:craftycontrol:crafty_controller:4.5.5
-
cpe:2.3:a:craftycontrol:crafty_controller:4.6.1
-
cpe:2.3:a:craftycontrol:crafty_controller:4.6.2