Vulnerability Description
An arbitrary file overwrite vulnerability in FLY is FUN Aviation Navigation v35.33 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Funair | Fly Is Fun | 35.33 |
Related Weaknesses (CWE)
References
- http://fly.comBroken Link
- http://www.funair.cz/forumProduct
- https://secsys.fudan.edu.cn/Not Applicable
FAQ
What is CVE-2026-30278?
CVE-2026-30278 is a vulnerability with a CVSS score of 9.8 (CRITICAL). An arbitrary file overwrite vulnerability in FLY is FUN Aviation Navigation v35.33 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code executio...
How severe is CVE-2026-30278?
CVE-2026-30278 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2026-30278?
Check the references section above for vendor advisories and patch information. Affected products include: Funair Fly Is Fun.