VYPR

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

BaseStableLikelihood: High

Description

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-126 · CAPEC-64 · CAPEC-76 · CAPEC-78 · CAPEC-79

CVEs mapped to this weakness (5,488)

page 111 of 275
  • CVE-2017-15895MedDec 8, 2017
    risk 0.42cvss 6.5epss 0.02

    Directory traversal vulnerability in the SYNO.FileStation.Extract in Synology Router Manager (SRM) before 1.1.5-6542-4 allows remote authenticated users to write arbitrary files via the dest_folder_path parameter.

  • CVE-2017-15894MedDec 8, 2017
    risk 0.42cvss 6.5epss 0.02

    Directory traversal vulnerability in the SYNO.FileStation.Extract in Synology DiskStation Manager (DSM) 6.0.x before 6.0.3-8754-3 and before 5.2-5967-6 allows remote authenticated users to write arbitrary files via the dest_folder_path parameter.

  • CVE-2017-15893MedDec 8, 2017
    risk 0.42cvss 6.5epss 0.02

    Directory traversal vulnerability in the SYNO.FileStation.Extract in Synology File Station before 1.1.1-0099 allows remote authenticated users to write arbitrary files via the dest_folder_path parameter.

  • CVE-2017-17042HigNov 28, 2017
    risk 0.42cvss 7.5epss 0.03

    lib/yard/core_ext/file.rb in the server in YARD before 0.9.11 does not block relative paths with an initial ../ sequence, which allows attackers to conduct directory traversal attacks and read arbitrary files.

  • CVE-2017-16959MedNov 27, 2017
    risk 0.42cvss 6.5epss 0.02

    The locale feature in cgi-bin/luci on TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices allows remote authenticated users to test for the existence of arbitrary files by making an operation=write;locale=%0d request, and then making an operation=read request with a crafted…

  • CVE-2017-16936MedNov 24, 2017
    risk 0.42cvss 6.5epss 0.01

    Directory Traversal vulnerability in app_data_center on Shenzhen Tenda Ac9 US_AC9V1.0BR_V15.03.05.14_multi_TD01, Ac9 ac9_kf_V15.03.05.19(6318_)_cn, Ac15 US_AC15V1.0BR_V15.03.05.18_multi_TD01, Ac15 US_AC15V1.0BR_V15.03.05.19_multi_TD01, Ac18 US_AC18V1.0BR_V15.03.05.05_multi_TD01,…

  • CVE-2017-14614MedOct 10, 2017
    risk 0.42cvss 6.5epss 0.02

    Directory traversal vulnerability in the Visor GUI Console in GridGain before 1.7.16, 1.8.x before 1.8.12, 1.9.x before 1.9.7, and 8.x before 8.1.5 allows remote authenticated users to read arbitrary files on remote cluster nodes via a crafted path.

  • CVE-2017-14754MedOct 3, 2017
    risk 0.42cvss 6.5epss 0.01

    OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 (older versions might be affected as well) is prone to Arbitrary File Read: /xAdmin/html/cm_datasource_group_xsd.jsp, parameter: xsd_datasource_schema_file filename. In order for…

  • CVE-2017-13985MedSep 30, 2017
    risk 0.42cvss 6.5epss 0.03

    An authentication vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows remote users to traverse directory leading to disclosure of information.

  • CVE-2017-11162MedSep 8, 2017
    risk 0.42cvss 6.5epss 0.02

    Directory traversal vulnerability in synphotoio in Synology Photo Station before 6.7.4-3433 and 6.3-2968 allows remote authenticated users to read arbitrary files via unspecified vectors.

  • CVE-2015-4085HigSep 7, 2017
    risk 0.42cvss 7.5epss 0.02

    Directory traversal vulnerability in node/hooks/express/tests.js in Etherpad frontend tests before 1.6.1.

  • CVE-2017-10834MedAug 29, 2017
    risk 0.42cvss 6.5epss 0.02

    Directory traversal vulnerability in "Dokodemo eye Smart HD" SCR02HD Firmware 1.0.3.1000 and earlier allows authenticated attackers to read arbitrary files via unspecified vectors.

  • CVE-2014-8163MedAug 28, 2017
    risk 0.42cvss 6.5epss 0.02

    Directory traversal vulnerability in the XMLRPC interface in Red Hat Satellite 5.

  • CVE-2017-12074MedAug 24, 2017
    risk 0.42cvss 6.5epss 0.02

    Directory traversal vulnerability in the SYNO.DNSServer.Zone.MasterZoneConf in Synology DNS Server before 2.2.1-3042 allows remote authenticated attackers to write arbitrary files via the domain_name parameter.

  • CVE-2017-7424MedAug 21, 2017
    risk 0.42cvss 6.5epss 0.02

    A Path Traversal (CWE-22) vulnerability in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allows remote authenticated users to download arbitrary files from a system running the product,…

  • CVE-2017-12586MedAug 6, 2017
    risk 0.42cvss 6.5epss 0.03

    SLiMS 8 Akasia through 8.3.1 has an arbitrary file reading issue because of directory traversal in the url parameter to admin/help.php. It can be exploited by remote authenticated librarian users.

  • CVE-2017-2240MedJul 17, 2017
    risk 0.42cvss 6.5epss 0.02

    Directory traversal vulnerability in AssetView for MacOS Ver.9.2.0 and earlier versions allows remote attackers to read arbitrary files via "File Transfer Web Service".

  • CVE-2015-3297HigJul 7, 2017
    risk 0.42cvss 7.5epss 0.05

    Directory traversal vulnerability in node/utils/Minify.js in Etherpad 1.1.1 through 1.5.2 allows remote attackers to read arbitrary files by leveraging replacement of backslashes with slashes in the path parameter of HTTP API requests.

  • CVE-2017-6704MedJul 4, 2017
    risk 0.42cvss 6.5epss 0.03

    A vulnerability in the web application in the Cisco Prime Collaboration Provisioning tool could allow an authenticated, remote attacker to perform arbitrary file downloads that could allow the attacker to read files from the underlying filesystem. More Information: CSCvc90335.…

  • CVE-2017-2829MedJun 21, 2017
    risk 0.42cvss 6.5epss 0.03

    An exploitable directory traversal vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can cause the application to read a file from disk but a failure to adequately…