Threat Intel

v0.1

← CVEs

CVE-2026-33686

HIGH 8.8
Published
2026-03-26
Last Modified
2026-04-01
Affected Apps
2
Affected Devices
104
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Sharp is a content management framework built for Laravel as a package. Versions prior to 9.20.0 have a path traversal vulnerability in the FileUtil class. The application fails to sanitize file extensions properly, allowing path separators to be passed into the storage layer. In `src/Utils/FileUtil.php`, the `FileUtil::explodeExtension()` function extracts a file's extension by splitting the filename at the last dot. This issue has been patched in version 9.20.0 by properly sanitizing the extension using `pathinfo(PATHINFO_EXTENSION)` instead of `strrpos()`, alongside applying strict regex replacements to both the base name and the extension.
Affected Applications in Environment 2
SHARP v1.0.0.0
103 devices
SHARP
1 device
Affected Devices 104
DPADMS-GFZQB54 Windows DPADVS-L2273Y4T Windows DPAPSB-L1182PB7 Windows DPAPSB-L23025SQ Windows DPAPSB-L5163CCC Windows DPAPSB-PW0KMWGT Windows DPART-BHT52G4 Windows DPART-CBLT3J4 Windows DPASTE-954912FV Windows DPAVTE-3977B74 Windows DPAVTE-B58YMD4 Windows DPBIOL-L2273Y4G Windows DPBIOL-L2273Y65 Windows DPCDDE-2BPL3Q3 Windows DPCDDE-3DSL3Q3 Windows DPCDDE-C0VM3Q3 Windows DPCDDE-DDSL3Q3 Windows DPCDDE-L9234G0X Windows DPCOUN-425413P7 Windows DPDNGS-742BYW3 Windows DPDNNR-870Z0M2 Windows DPDNNR-L9194BB9 Windows DPDNNR-MZ00KGER Windows DPDNNR-Y604B075 Windows DPDNNR-YL016RNE Windows DPEBWN-7X5K4Y3 Windows DPEDUC-G0148GNK Windows DPEDUC-L02433KX Windows DPEECE-DKX8894 Windows DPEFSN-29F0DS2 Windows DPEFSN-H4ZZ324 Windows DPENGL-7MLK5H4 Windows DPENGL-9L66203 Windows DPENGL-CFV56X3 Windows DPENVH-5JJSFD4 Windows DPEXAN-4HB4273 Windows DPEXYP-5DLGF94 Windows DPEXYP-9LRP2R2 Windows DPFCHD-3GT8SH4 Windows DPFCHD-6P09GH4 Windows DPFCHD-7P09GH4 Windows DPFCHD-89HKGH4 Windows DPFOOD-3FFN6C4 Windows DPFOOD-4KBMK74 Windows DPFOOD-5176000F Windows DPFOOD-621MK74 Windows DPFOOD-6X5BK74 Windows DPFOOD-D1370C1N Windows DPHSNG-34Y86X3 Windows DPHSNG-4BTKF24 Windows DPHSNG-BMX3K74 Windows DPHSNG-DMX3CW3 Windows DPHSNG-T800122X Windows DPHSOB-48HZ184 Windows DPHSOB-D0B3N94 Windows DPHSOB-J23493BF Windows DPIESV-02433CM Windows DPIESV-84383WRJ Windows DPIESV-84383WV3 Windows DPIESV-85173WZL Windows DPIESV-D232D9FQ Windows DPIESV-D312KVQL Windows DPIESV-D44183XD Windows DPIESV-D441840M Windows DPIESV-HLXQGD4 Windows DPINFT-L2273Y69 Windows DPMATH-6214200C Windows DPMATH-9DTB043 Windows DPMATH-L1182P8P Windows DPMATH-L1182P94 Windows DPPDP-XL2273Y49 Windows DPPERS-5VGC9G4 Windows DPPERS-6VLH453 Windows DPPERS-84481QJ2 Windows DPPERS-FC8R0J4 Windows DPPSYC-24KNQW3 Windows DPSLFC-L9234G08 Windows DPSLFC-L9294JPG Windows DPSOTS-HXCMBC4 Windows DPSPED-4J65QH4 Windows DPSPED-6K4KW54 Windows DPSTUD-D6PSRT3 Windows DPSTUD-GC3CRN3 Windows DPTLTC-PF60B4WB Windows DPUNCL-2KX35Y3 Windows DPVCLS-DYS4CB4 Windows DPVPON-3Z6C674 Windows GEAR-MK-JONES-3 Windows HDFC-594757 Windows MOAB-KIOSK-B Windows USU-4DFQ25523R3 Windows USU-5CG10741Q4 Windows USU-64Y425423P7 Windows USU-7WPTQJ4 Windows USU-9NPMRF4 Windows USU-CMDF3J4 Windows USU-JZSM4C4 Windows USU-MP1H268Q Windows USULOAN432 Windows VRO-FC3CRN3 Windows VRO-JC3CRN3 Windows VRO-SPRO7 Windows VRO-SURF-LT4 Windows VRO-SURFBK1 Windows
References 2