Observable Response Discrepancy in Erlang OTP's SFTP Module Affects Multiple Versions
CVE-2026-53422
2.3 LOW
What is CVE-2026-53422?
The vulnerability in Erlang OTP's ssh_sftpd module allows authenticated SFTP users to exploit differences in the server's responses to specific path requests. By sending crafted REALPATH requests, an attacker can determine whether files and directories exist outside the configured root directory. The issue arises because the handler does not properly validate and canonicalize the requested path, so the response reveals information about the filesystem layout outside the root even though no access to file contents is granted. The information exposed could be leveraged in further attacks, particularly in combination with other known vulnerabilities.
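As an added illustration of the defect class described above (this is not code from Erlang/OTP's ssh_sftpd module), the following Python shows a naive REALPATH handler whose reply for a path outside the root depends on whether that path exists, beside a hardened handler that canonicalizes inside a virtual root first and answers identically for every escaping request. The root directory, the file outside it and the probe paths are constructed for the demo; the status names mirror SFTP status codes but are only labels here.

```python
import os
import posixpath
import tempfile

# Response names chosen for illustration; they mirror SFTP status codes.
SSH_FX_OK = "SSH_FX_OK"
SSH_FX_NO_SUCH_FILE = "SSH_FX_NO_SUCH_FILE"
SSH_FX_PERMISSION_DENIED = "SSH_FX_PERMISSION_DENIED"


def naive_realpath(root, requested):
    """Flawed pattern: join, normalize, then consult the filesystem.
    '..' segments are honoured before any root check, so the reply for a
    path outside root depends on whether that path exists on the host."""
    candidate = os.path.normpath(os.path.join(root, requested.lstrip("/")))
    if not os.path.exists(candidate):
        return SSH_FX_NO_SUCH_FILE, None
    return SSH_FX_OK, candidate


def confined_realpath(root, requested):
    """Hardened pattern: canonicalize lexically inside a virtual root first.
    A leading '..' collapses to '/', so every request maps inside root and
    the reply never depends on the host filesystem above it."""
    virtual = posixpath.normpath(posixpath.join("/", requested))
    candidate = os.path.join(root, virtual.lstrip("/"))
    # Guard against a symlink inside root that points outside it: resolve and
    # confirm containment; any escape gets one uniform error, exist or not.
    real_root = os.path.realpath(root)
    real_candidate = os.path.realpath(candidate)
    if os.path.commonpath([real_root, real_candidate]) != real_root:
        return SSH_FX_PERMISSION_DENIED, None
    return SSH_FX_OK, virtual


def demo():
    """Constructed layout: <tmp>/root is the SFTP root and <tmp>/secret.txt
    sits outside it. Returns each handler's status for two escaping probes,
    one naming an existing file and one naming a missing file."""
    with tempfile.TemporaryDirectory() as tmp:
        root = os.path.join(tmp, "root")
        os.mkdir(root)
        with open(os.path.join(tmp, "secret.txt"), "w") as f:
            f.write("exists")
        probes = ["/../secret.txt", "/../missing.txt"]
        return {
            "naive": [naive_realpath(root, p)[0] for p in probes],
            "confined": [confined_realpath(root, p)[0] for p in probes],
        }
```

The naive handler answers the two probes differently, which is the observable discrepancy; the confined handler answers both the same way, so the reply carries no information about paths above the root.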
Affected Version(s)
OTP 3.0.1
OTP 17.0
OTP 84adefa331c4159d432d22840663c38f155cd4c1
CVSS V4
Score: 2.3
Severity: LOW
Confidentiality: Low
Integrity: None
Availability: None
Attack Vector: Network
Attack Complexity: Low
Attack Required: Physical
Privileges Required: Undefined
User Interaction: None
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Mohamed Ali IBNAL HAJALI / Ericsson
Michał Wąsowski
Jakub Witczak
