CVE-2026-52902: Path Traversal in awxkit YAML Import Vulnerability
CVE-2026-52902 is a path traversal flaw in awxkit, the command-line interface for Red Hat's AWX automation platform. When a user imports a specially crafted YAML configuration file using the "awx --conf.format yaml import" command, an attacker can trick awxkit into reading arbitrary YAML files from the victim's local system. The vulnerability stems from insufficient validation of file paths in the YAML !include directive. This is fundamentally a client-side attack requiring the user to knowingly or unknowingly process a malicious YAML file, making social engineering a prerequisite for exploitation.
Source data · NVD / CISA · public domain
- CVSS
- 3.1 · 4.7 MEDIUM · CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
- Weaknesses (CWE)
- CWE-22
- Affected products
- 0 configuration(s)
- Published / Modified
- 2026-06-09 / 2026-06-25
NVD description (verbatim)
A path traversal vulnerability was found in awxkit, the CLI tool for AWX. The YAML !include directive does not sanitize file paths, allowing an attacker to craft a malicious YAML file that reads arbitrary YAML-formatted files from the local filesystem when a user imports it using "awx --conf.format yaml import". This is a client-side vulnerability requiring user interaction.
2 reference(s) · View on NVD →
SEC.co analysis · AI-assisted, reviewed against source
Technical summary
The awxkit CLI fails to properly sanitize file paths when processing the YAML !include directive during configuration imports. An attacker can craft a YAML document with an !include statement pointing to a file outside the intended configuration directory (e.g., ../../../etc/passwd or other sensitive YAML files on the filesystem). When a user executes the import command, the unsanitized path is resolved, and the tool reads the referenced file. If that file is YAML-formatted, its contents are processed, potentially exposing sensitive configuration data, credentials, or other information stored in accessible files. The vulnerability is classified as CWE-22 (Improper Limitation of a Pathname to a Restricted Directory—'Path Traversal').
Business impact
This vulnerability poses a moderate risk to organizations relying on awxkit for automation and infrastructure management. The primary business impact is confidentiality breach: an attacker can extract sensitive information such as configuration secrets, API tokens, database credentials, or other YAML-formatted data accessible to the user running awxkit. Because the attack requires social engineering—convincing a user to import a malicious configuration file—the blast radius is limited. However, in environments where configuration imports are automated or where awxkit is used by a shared service account, the risk escalates. Organizations should assess whether their deployment patterns create conditions where untrusted YAML files might be imported.
Affected systems
awxkit CLI tool versions prior to the patched release are affected. awxkit is distributed as part of AWX or as a standalone Python package. The vendor product list was not provided in the advisory data; organizations should consult the official Red Hat/AWX security advisory to confirm the exact affected versions and whether their deployment is impacted.
Exploitability
Exploitation requires user interaction and local filesystem access. An attacker must socially engineer a user into importing a malicious YAML configuration file. The attack does not require elevated privileges, nor does it demand a network connection once the malicious file is in the user's possession. The relatively high barrier to exploitation (convincing a user to import an untrusted config) prevents this from being classified as high-severity, though the attack is technically straightforward once a user complies. The CVSS 3.1 score of 4.7 (Medium) reflects this balance: high confidentiality impact but high attack complexity and required user interaction.
Remediation
Users should update awxkit to a patched version that properly validates and sanitizes file paths in YAML !include directives. Until patching is feasible, users should avoid importing YAML configuration files from untrusted sources and implement file integrity checks on any configuration files before importing them. Organizations should review audit logs for unexpected import operations and monitor for unusual file access patterns when awxkit is in use.
Patch guidance
Consult the official Red Hat AWX security advisory for the specific patched version number and release date. Patch availability and deployment timelines vary by distribution channel (PyPI, Red Hat repositories, etc.). After patching, verify the update by checking the awxkit version (awx version) and re-testing imports with known-safe configuration files. No backward-compatibility concerns are anticipated, but validation in a non-production environment is recommended for mission-critical deployments.
Detection guidance
Monitor for suspicious YAML import commands, particularly those using relative paths or importing from untrusted sources. Log and alert on any awx --conf.format yaml import operations that reference files outside expected directories. Endpoint detection and response (EDR) tools can flag unexpected file read operations by Python processes running awxkit, especially reads from system directories or sensitive configuration areas. Network-based detection is unlikely to be effective since this is a client-side, local-filesystem attack.
Why prioritize this
Although the CVSS score is moderate (4.7), this vulnerability should be prioritized in environments where configuration management is centralized or automated, or where awxkit is used as a shared service account. Organizations with stricter control over user activities and file imports can deprioritize relative to other medium-severity issues. The lack of KEV status indicates this is not yet observed in active exploits in the wild, but the straightforward attack mechanism warrants timely patching.
Risk score, explained
The CVSS 3.1 score of 4.7 reflects a Medium-severity vulnerability with high confidentiality impact but limited exploitability. The Local attack vector (AV:L) and High attack complexity (AC:H) reflect the requirement for the attacker to deliver a file to the target system and convince the user to import it. Required user interaction (UI:R) further constrains the attack. No integrity (I:N) or availability (A:N) impact is expected, limiting the score despite the high confidentiality concern (C:H). Organizations should not interpret the moderate score as low risk; context matters.
Frequently asked questions
Can this vulnerability be exploited remotely?
No. CVE-2026-52902 is a local, client-side vulnerability requiring the attacker to first deliver a malicious YAML file to the victim's system and then socially engineer the user into importing it. There is no network attack vector.
What types of files can be extracted?
Any YAML-formatted files readable by the user running awxkit can potentially be accessed. This typically includes configuration files, environment files, and credential stores in accessible directories. Non-YAML files referenced by the !include directive may not be fully processed, limiting the utility of extracting binary or plaintext data.
Are there workarounds if patching is delayed?
Yes. Restrict imports to only known-good configuration files, implement code review or checksum verification for YAML files before importing them, and educate users not to import configuration from untrusted sources. Some organizations may isolate awxkit usage to restricted service accounts with minimal filesystem permissions to limit the impact of a potential breach.
Does this affect AWX server, or only the awxkit CLI?
This vulnerability is specific to awxkit, the command-line client tool. The AWX server itself is not directly vulnerable, though compromised client-side data or credentials extracted via this path traversal could secondarily compromise AWX deployments if the extracted files contain server credentials.
This analysis is provided for informational purposes to support vulnerability assessment and patch management. The information is accurate as of the publication date but may be superseded by vendor advisories or updated CVE data. No guarantee is made regarding the completeness or applicability of this guidance to any specific environment. Always verify patch version numbers, affected products, and remediation steps against the official vendor advisory before deploying fixes. Proof-of-concept code or step-by-step exploitation instructions are not provided. Organizations should conduct their own risk assessment based on their specific deployment, threat model, and regulatory requirements. Source: NVD (public-domain), retrieved 2026-07-16. Analysis generated by SEC.co (claude-haiku-4-5).
Weaknesses (CWE)
Related vulnerabilities
- CVE-2018-25393MEDIUMNavigate CMS 2.8.5 Path Traversal Vulnerability (CVSS 6.5)
- CVE-2018-25421MEDIUMOpen STA Manager 2.3 Path Traversal File Download Vulnerability
- CVE-2019-25734MEDIUMContact Form by WD CSRF & Local File Inclusion Vulnerability
- CVE-2019-25740MEDIUMJoomla com_jsjobs Arbitrary File Deletion Vulnerability
- CVE-2022-50953MEDIUMWordPress admin-word-count-column Plugin Local File Read Vulnerability
- CVE-2024-47263MEDIUMSynology Hyper Backup Path Traversal – Admin Privilege Required
- CVE-2024-47273MEDIUMSynology Hyper Backup Path Traversal Vulnerability (4.3 MEDIUM)
- CVE-2026-0055MEDIUMAndroid Path Traversal in PackageInstallerService Enables Local Privilege Escalation to Device Policy Controller