CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Description
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-126 · CAPEC-64 · CAPEC-76 · CAPEC-78 · CAPEC-79
CVEs mapped to this weakness (5,488)
page 112 of 275| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-7826 | Med | 0.42 | 6.5 | 0.02 | Jun 9, 2017 | Directory traversal vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to read arbitrary files via specially crafted POST requests. | ||
| CVE-2016-7825 | Med | 0.42 | 6.5 | 0.02 | Jun 9, 2017 | Directory traversal vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to read arbitrary files via specially crafted commands. | ||
| CVE-2016-7802 | Med | 0.42 | 6.5 | 0.03 | Jun 9, 2017 | Directory traversal vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to read arbitrary files via unspecified vectors. | ||
| CVE-2015-1834 | Med | 0.42 | 6.5 | 0.02 | May 25, 2017 | A path traversal vulnerability was identified in the Cloud Foundry component Cloud Controller that affects cf-release versions prior to v208 and Pivotal Cloud Foundry Elastic Runtime versions prior to 1.4.2. Path traversal is the 'outbreak' of a given directory structure through… | ||
| CVE-2017-7433 | Med | 0.42 | 6.5 | 0.01 | May 18, 2017 | An absolute path traversal vulnerability (CWE-36) in Micro Focus Vibe 4.0.2 and earlier allows a remote authenticated attacker to download arbitrary files from the server by submitting a specially crafted request to the viewFile endpoint. Note that the attack can be performed… | ||
| CVE-2017-2098 | Med | 0.42 | 6.5 | 0.02 | Apr 28, 2017 | Directory traversal vulnerability in CubeCart versions prior to 6.1.4 allows remote authenticated attackers to read arbitrary files via unspecified vectors. | ||
| CVE-2017-2090 | Med | 0.42 | 6.5 | 0.02 | Apr 28, 2017 | Directory traversal vulnerability in CubeCart versions prior to 6.1.4 allows remote authenticated attackers to read arbitrary files via unspecified vectors. | ||
| CVE-2015-8780 | Med | 0.42 | 6.4 | 0.01 | Apr 13, 2017 | Samsung wssyncmlnps before 2015-10-31 allows directory traversal in a Kies restore, aka ZipFury. | ||
| CVE-2016-10048 | Hig | 0.42 | 7.5 | 0.07 | Mar 23, 2017 | Directory traversal vulnerability in magick/module.c in ImageMagick 6.9.4-7 allows remote attackers to load arbitrary modules via unspecified vectors. | ||
| CVE-2016-4986 | Hig | 0.42 | 7.5 | 0.03 | Feb 9, 2017 | Directory traversal vulnerability in the TAP plugin before 1.25 in Jenkins allows remote attackers to read arbitrary files via an unspecified parameter. | ||
| CVE-2016-8933 | Med | 0.42 | 6.5 | 0.02 | Feb 1, 2017 | IBM Kenexa LMS on Cloud could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing dot dot sequences (/../) to view arbitrary files on the system. | ||
| CVE-2016-8913 | Med | 0.42 | 6.5 | 0.02 | Feb 1, 2017 | IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. | ||
| CVE-2016-6126 | Med | 0.42 | 6.5 | 0.02 | Feb 1, 2017 | IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. | ||
| CVE-2016-10173 | Hig | 0.42 | 7.5 | 0.05 | Feb 1, 2017 | Directory traversal vulnerability in the minitar before 0.6 and archive-tar-minitar 0.5.2 gems for Ruby allows remote attackers to write to arbitrary files via a .. (dot dot) in a TAR archive entry. | ||
| CVE-2016-10106 | Med | 0.42 | 6.5 | 0.02 | Jan 3, 2017 | Directory traversal vulnerability in scgi-bin/platform.cgi on NETGEAR FVS336Gv3, FVS318N, FVS318Gv2, and SRX5308 devices with firmware before 4.3.3-8 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the thispage parameter, as demonstrated by… | ||
| CVE-2016-9878 | Hig | 0.42 | 7.5 | 0.06 | Dec 29, 2016 | An issue was discovered in Pivotal Spring Framework before 3.2.18, 4.2.x before 4.2.9, and 4.3.x before 4.3.5. Paths provided to the ResourceServlet were not properly sanitized and as a result exposed to directory traversal attacks. | ||
| CVE-2016-9208 | Med | 0.42 | 6.5 | 0.03 | Dec 14, 2016 | A vulnerability in the File Management Utility, the Download File form, and the Serviceability application of Cisco Emergency Responder could allow an authenticated, remote attacker to access files in arbitrary locations on the file system of an affected device. More… | ||
| CVE-2016-9199 | Med | 0.42 | 6.5 | 0.03 | Dec 14, 2016 | A vulnerability in the Cisco application-hosting framework (CAF) of Cisco IOx could allow an authenticated, remote attacker to read arbitrary files on a targeted system. Affected Products: This vulnerability affects specific releases of the Cisco IOx subsystem of Cisco IOS and… | ||
| CVE-2016-5765 | Med | 0.42 | 6.5 | 0.02 | Nov 29, 2016 | Administrative Server in Micro Focus Host Access Management and Security Server (MSS) and Reflection for the Web (RWeb) and Reflection Security Gateway (RSG) and Reflection ZFE (ZFE) allows remote unauthenticated attackers to read arbitrary files via a specially crafted URL that… | ||
| CVE-2016-8280 | Med | 0.42 | 6.5 | 0.02 | Oct 3, 2016 | Directory traversal vulnerability in Huawei eSight before V300R003C20SPC005 allows remote authenticated users to read arbitrary files via unspecified vectors. |
- risk 0.42cvss 6.5epss 0.02
Directory traversal vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to read arbitrary files via specially crafted POST requests.
- risk 0.42cvss 6.5epss 0.02
Directory traversal vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to read arbitrary files via specially crafted commands.
- risk 0.42cvss 6.5epss 0.03
Directory traversal vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to read arbitrary files via unspecified vectors.
- risk 0.42cvss 6.5epss 0.02
A path traversal vulnerability was identified in the Cloud Foundry component Cloud Controller that affects cf-release versions prior to v208 and Pivotal Cloud Foundry Elastic Runtime versions prior to 1.4.2. Path traversal is the 'outbreak' of a given directory structure through…
- risk 0.42cvss 6.5epss 0.01
An absolute path traversal vulnerability (CWE-36) in Micro Focus Vibe 4.0.2 and earlier allows a remote authenticated attacker to download arbitrary files from the server by submitting a specially crafted request to the viewFile endpoint. Note that the attack can be performed…
- risk 0.42cvss 6.5epss 0.02
Directory traversal vulnerability in CubeCart versions prior to 6.1.4 allows remote authenticated attackers to read arbitrary files via unspecified vectors.
- risk 0.42cvss 6.5epss 0.02
Directory traversal vulnerability in CubeCart versions prior to 6.1.4 allows remote authenticated attackers to read arbitrary files via unspecified vectors.
- risk 0.42cvss 6.4epss 0.01
Samsung wssyncmlnps before 2015-10-31 allows directory traversal in a Kies restore, aka ZipFury.
- risk 0.42cvss 7.5epss 0.07
Directory traversal vulnerability in magick/module.c in ImageMagick 6.9.4-7 allows remote attackers to load arbitrary modules via unspecified vectors.
- risk 0.42cvss 7.5epss 0.03
Directory traversal vulnerability in the TAP plugin before 1.25 in Jenkins allows remote attackers to read arbitrary files via an unspecified parameter.
- risk 0.42cvss 6.5epss 0.02
IBM Kenexa LMS on Cloud could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing dot dot sequences (/../) to view arbitrary files on the system.
- risk 0.42cvss 6.5epss 0.02
IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system.
- risk 0.42cvss 6.5epss 0.02
IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system.
- risk 0.42cvss 7.5epss 0.05
Directory traversal vulnerability in the minitar before 0.6 and archive-tar-minitar 0.5.2 gems for Ruby allows remote attackers to write to arbitrary files via a .. (dot dot) in a TAR archive entry.
- risk 0.42cvss 6.5epss 0.02
Directory traversal vulnerability in scgi-bin/platform.cgi on NETGEAR FVS336Gv3, FVS318N, FVS318Gv2, and SRX5308 devices with firmware before 4.3.3-8 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the thispage parameter, as demonstrated by…
- risk 0.42cvss 7.5epss 0.06
An issue was discovered in Pivotal Spring Framework before 3.2.18, 4.2.x before 4.2.9, and 4.3.x before 4.3.5. Paths provided to the ResourceServlet were not properly sanitized and as a result exposed to directory traversal attacks.
- risk 0.42cvss 6.5epss 0.03
A vulnerability in the File Management Utility, the Download File form, and the Serviceability application of Cisco Emergency Responder could allow an authenticated, remote attacker to access files in arbitrary locations on the file system of an affected device. More…
- risk 0.42cvss 6.5epss 0.03
A vulnerability in the Cisco application-hosting framework (CAF) of Cisco IOx could allow an authenticated, remote attacker to read arbitrary files on a targeted system. Affected Products: This vulnerability affects specific releases of the Cisco IOx subsystem of Cisco IOS and…
- risk 0.42cvss 6.5epss 0.02
Administrative Server in Micro Focus Host Access Management and Security Server (MSS) and Reflection for the Web (RWeb) and Reflection Security Gateway (RSG) and Reflection ZFE (ZFE) allows remote unauthenticated attackers to read arbitrary files via a specially crafted URL that…
- risk 0.42cvss 6.5epss 0.02
Directory traversal vulnerability in Huawei eSight before V300R003C20SPC005 allows remote authenticated users to read arbitrary files via unspecified vectors.