CVE-2026-6282

HIGH WAF: High

CVSS 8.1 Published: 2026-05-13

CWE-22

A potential improper file path validation vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow a remote authenticated user to move or access files belonging to other users on the same device.

WAF Coverage Analysis

Path Traversal High WAF Coverage

OWASP: A01:2021 Broken Access Control

930xxx - Local File Inclusion

References

iknow.lenovo.com.cn
pc.lenovo.com.cn

Back to CVE Database