Total: 5025 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-43176 | 1 Goautodial | 2 Goautodial, Goautodial Api | 2021-12-09 | 6.5 MEDIUM | 8.8 HIGH |
| The GOautodial API prior to commit 3c3a979 made on October 13th, 2021 takes a user-supplied “action” parameter and appends a .php file extension to locate and load the correct PHP file to implement the API call. Vulnerable versions of GOautodial do not sanitize the user input that specifies the action. This permits an attacker to execute any PHP source file with a .php extension that is present on the disk and readable by the GOautodial web server process. Combined with CVE-2021-43175, it is possible for the attacker to do this without valid credentials. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C | |||||
| CVE-2021-37087 | 1 Huawei | 1 Harmonyos | 2021-12-09 | 6.4 MEDIUM | 9.1 CRITICAL |
| There is a Path Traversal vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may allow attackers to create arbitrary files. | |||||
| CVE-2021-37099 | 1 Huawei | 1 Harmonyos | 2021-12-09 | 6.4 MEDIUM | 9.1 CRITICAL |
| There is a Path Traversal vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may allow attackers to delete any file. | |||||
| CVE-2021-44725 | 1 Knime | 1 Knime Server | 2021-12-08 | 5.0 MEDIUM | 7.5 HIGH |
| KNIME Server before 4.13.4 allows directory traversal in a request for a client profile. | |||||
| CVE-2021-43800 | 2 Microsoft, Requarks | 2 Windows, Wiki.js | 2021-12-08 | 4.3 MEDIUM | 7.5 HIGH |
| Wiki.js is a wiki app built on Node.js. Prior to version 2.5.254, directory traversal outside of the Wiki.js context is possible when a storage module with local asset cache fetching is enabled on a Windows host. A malicious user can potentially read any file on the file system by crafting a special URL that allows for directory traversal. This is only possible on a Wiki.js server running on Windows, when a storage module implementing a local asset cache (e.g. Local File System or Git) is enabled and no web application firewall solution (e.g. Cloudflare) strips potentially malicious URLs. Commit 414033de9dff66a327e3f3243234852f468a9d85 fixes this vulnerability by sanitizing the path before it is passed on to the storage module. The sanitization step removes any Windows directory traversal sequences from the path. As a workaround, disable any storage module with local asset caching capabilities (Local File System, Git). | |||||
| CVE-2021-43795 | 1 Linecorp | 1 Armeria | 2021-12-06 | 5.0 MEDIUM | 7.5 HIGH |
| Armeria is an open source microservice framework. In affected versions an attacker can access an Armeria server's local file system beyond its restricted directory by sending an HTTP request whose path contains `%2F` (encoded `/`), such as `/files/..%2Fsecrets.txt`, bypassing Armeria's path validation logic. Armeria 1.13.4 or above contains the hardened path validation logic that handles `%2F` properly. This vulnerability can be worked around by inserting a decorator that performs an additional validation on the request path. | |||||
| CVE-2021-43676 | 1 Swoole | 1 Swoole Php Framework | 2021-12-06 | 7.5 HIGH | 9.8 CRITICAL |
| matyhtf framework v3.0.5 is affected by a path manipulation vulnerability in Smarty.class.php. | |||||
| CVE-2021-44278 | 1 Librenms | 1 Librenms | 2021-12-06 | 7.5 HIGH | 9.8 CRITICAL |
| Librenms 21.11.0 is affected by a path manipulation vulnerability in includes/html/pages/device/showconfig.inc.php. | |||||
| CVE-2021-29212 | 1 Hp | 1 Ilo Amplifier Pack | 2021-12-03 | 10.0 HIGH | 9.8 CRITICAL |
| A remote unauthenticated directory traversal security vulnerability has been identified in HPE iLO Amplifier Pack versions 1.80, 1.81, 1.90 and 1.95. The vulnerability could be remotely exploited to allow an unauthenticated user to run arbitrary code, leading to complete impact on the confidentiality, integrity, and availability of the iLO Amplifier Pack appliance. | |||||
| CVE-2021-43358 | 1 Sun | 1 Ehrd | 2021-12-01 | 7.8 HIGH | 7.5 HIGH |
| Sunnet eHRD has inadequate filtering for special characters in URLs, which allows a remote attacker to perform path traversal attacks without authentication, access restricted paths and download system files. | |||||
| CVE-2021-43783 | 1 Backstage | 1 Backstage | 2021-12-01 | 5.5 MEDIUM | 8.5 HIGH |
| @backstage/plugin-scaffolder-backend is the backend for the default Backstage software templates. In affected versions a malicious actor with write access to a registered scaffolder template is able to manipulate the template in a way that writes files to arbitrary paths on the scaffolder-backend host instance. In some situations this vulnerability can also be exploited through user input when executing a template, meaning write access to the templates is not required. This method does not allow the attacker to control the contents of the injected file, however, unless the template is also crafted in a specific way that gives control of the file contents. This vulnerability is fixed in version `0.15.14` of `@backstage/plugin-scaffolder-backend`. This attack is mitigated by restricting access and requiring reviews when registering or modifying scaffolder templates. | |||||
| CVE-2021-43691 | 1 Tripexpress Project | 1 Tripexpress | 2021-12-01 | 7.5 HIGH | 9.8 CRITICAL |
| tripexpress v1.1 is affected by a path manipulation vulnerability in the file system/helpers/dompdf/load_font.php. The variable src comes from $_SERVER["argv"], resulting in a path manipulation vulnerability. | |||||
| CVE-2021-43778 | 1 Glpi-project | 1 Barcode | 2021-12-01 | 5.0 MEDIUM | 7.5 HIGH |
| Barcode is a GLPI plugin for printing barcodes and QR codes. GLPI instances version 2.x prior to version 2.6.1 with the barcode plugin installed are vulnerable to a path traversal vulnerability. This issue was patched in version 2.6.1. As a workaround, delete the `front/send.php` file. | |||||
| CVE-2021-22720 | 1 Schneider-electric | 1 C-bus Toolkit | 2021-11-30 | 6.5 MEDIUM | 7.2 HIGH |
| A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when restoring a project. | |||||
| CVE-2021-41279 | 1 Basercms | 1 Basercms | 2021-11-30 | 9.0 HIGH | 8.8 HIGH |
| BaserCMS is an open source content management system with a focus on Japanese language support. In affected versions users with upload privilege may upload crafted zip files capable of path traversal on the host operating system. This is a vulnerability that needs to be addressed when the management system is used by an unspecified number of users. If you are eligible, please update to the new version as soon as possible. | |||||
| CVE-2021-32061 | 1 S3scanner Project | 1 S3scanner | 2021-11-29 | 5.0 MEDIUM | 5.3 MEDIUM |
| S3Scanner before 2.0.2 allows Directory Traversal via a crafted bucket, as demonstrated by a <Key>../ substring in a ListBucketResult element. | |||||
| CVE-2021-37733 | 2 Arubanetworks, Siemens | 4 Arubaos, Sd-wan, Scalance W1750d and 1 more | 2021-11-26 | 4.0 MEDIUM | 4.9 MEDIUM |
| A remote path traversal vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.4; Prior to 8.7.1.1, 8.6.0.7, 8.5.0.11, 8.3.0.16. Aruba has released patches for Aruba SD-WAN Software and Gateways and ArubaOS that address this security vulnerability. | |||||
| CVE-2021-37731 | 2 Arubanetworks, Siemens | 17 7005, 7008, 7010 and 14 more | 2021-11-26 | 7.2 HIGH | 6.2 MEDIUM |
| A local path traversal vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.0-2.2.0.4; Prior to 8.7.1.1, 8.6.0.7, 8.5.0.12, 8.3.0.16. Aruba has released patches for Aruba SD-WAN Software and Gateways and ArubaOS that address this security vulnerability. | |||||
| CVE-2021-37729 | 2 Arubanetworks, Siemens | 4 Arubaos, Sd-wan, Scalance W1750d and 1 more | 2021-11-26 | 5.5 MEDIUM | 6.5 MEDIUM |
| A remote path traversal vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.0-2.2.0.4; Prior to 8.7.1.3, 8.6.0.9, 8.5.0.12, 8.3.0.16, 6.5.4.19, 6.4.4.25. Aruba has released patches for Aruba SD-WAN Software and Gateways and ArubaOS that address this security vulnerability. | |||||
| CVE-2020-7882 | 2 Hancom, Microsoft | 2 Anysign4pc, Windows | 2021-11-26 | 6.4 MEDIUM | 9.1 CRITICAL |
| Using the parameter of the getPFXFolderList function, attackers can see the information of the authorization certification and delete the files. It occurs because the parameter contains path traversal characters (i.e. '../../../'). | |||||
