VYPR
Unrated severityNVD Advisory· Published Sep 15, 2021· Updated Aug 3, 2024

CVE-2021-33692

CVE-2021-33692

Description

SAP Cloud Connector, version - 2.0, allows the upload of zip files as backup. This backup file can be tricked to inject special elements such as '..' and '/' separators, for attackers to escape outside of the restricted location to access files or directories.

Affected products

2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.