A vulnerability identified as problematic has been detected in Esri ArcGIS Server up to 12.0. Affected by this vulnerability is an unknown functionality of the component Path Handler. Performing a manipulation results in path traversal.

This vulnerability is reported as CVE-2026-9181. The attack is possible to be carried out remotely. No exploit exists.