CVE-2026-40724

Summary

CP Client Arbitrary File Download in Client Portal (Pro) <= 5.6.2 versions.

Affected Software

VendorProductVersion RangeStatus
Client Portal Ltd.Client Portal (Pro)n/a <= 5.6.2affected

Weaknesses

  • CWE-22: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References