Unrated severityNVD Advisory· Published Mar 13, 2024· Updated Aug 12, 2024

Path Traversal in FileCatalyst Direct 3.8.8 and Earlier

CVE-2024-25154

Description

Improper URL validation leads to path traversal in FileCatalyst Direct 3.8.8 and earlier allowing an encoded payload to cause the web server to return files located outside of the web root which may lead to data leakage.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Fortra/FileCatalystllm-fuzzy2 versions
<=3.8.8+ 1 more
- (no CPE)range: <=3.8.8
- (no CPE)range: 3.8.6

Patches

Vulnerability mechanics

References

filecatalyst.software/public/filecatalyst/Direct/3.8.9.90/whatsnew_direct.htmlmitre
www.fortra.com/security/advisory/fi-2024-003mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000