docuFORM Managed Print Service Client Directory Traversal Vulnerability Allowing Arbitrary File Read

Vulnerability

A directory traversal vulnerability has been identified in docuFORM Managed Print Service Client version 11.11c. This vulnerability allows attackers to read arbitrary files by exploiting crafted URLs. The issue arises from improper validation of user-supplied input used to construct file paths, enabling attackers to escape restricted directories and access sensitive files on the underlying file system. The vulnerability can be exploited remotely via unauthenticated requests.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive files outside the application's designated directory, including configuration files, application source code, system files, and user-specific data.

Added: May 11, 2026, 4:49 PM

Updated: May 11, 2026, 4:49 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

7.4

remediation

0.0

relevance

8.0

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

7.4

remediation

0.0

relevance

8.0

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

docuFORM Managed Print Service Client Directory Traversal Vulnerability Allowing Arbitrary File Read

Vulnerability

Impact

Affected Products

docuFORM Managed Print Service Client

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating