CWE-36
Absolute Path Traversal
The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize absolute path sequences such as "/abs/path" that can resolve to a location that is outside of that directory.
CVE-2017-7929 (GCVE-0-2017-7929)
Vulnerability from cvelistv5
Published
2017-05-06 00:00
Modified
2024-08-05 16:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
An Absolute Path Traversal issue was discovered in Advantech WebAccess Version 8.1 and prior. The absolute path traversal vulnerability has been identified, which may allow an attacker to traverse the file system to access restricted files or directories.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Advantech WebAccess |
Version: Advantech WebAccess |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T16:19:29.504Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "98311", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/98311" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-124-03" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Advantech WebAccess", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Advantech WebAccess" } ] } ], "datePublic": "2017-05-05T00:00:00", "descriptions": [ { "lang": "en", "value": "An Absolute Path Traversal issue was discovered in Advantech WebAccess Version 8.1 and prior. The absolute path traversal vulnerability has been identified, which may allow an attacker to traverse the file system to access restricted files or directories." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-36", "description": "CWE-36", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2017-05-08T09:57:01", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert" }, "references": [ { "name": "98311", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/98311" }, { "tags": [ "x_refsource_MISC" ], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-124-03" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "ics-cert@hq.dhs.gov", "ID": "CVE-2017-7929", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Advantech WebAccess", "version": { "version_data": [ { "version_value": "Advantech WebAccess" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An Absolute Path Traversal issue was discovered in Advantech WebAccess Version 8.1 and prior. The absolute path traversal vulnerability has been identified, which may allow an attacker to traverse the file system to access restricted files or directories." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-36" } ] } ] }, "references": { "reference_data": [ { "name": "98311", "refsource": "BID", "url": "http://www.securityfocus.com/bid/98311" }, { "name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-124-03", "refsource": "MISC", "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-124-03" } ] } } } }, "cveMetadata": { "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2017-7929", "datePublished": "2017-05-06T00:00:00", "dateReserved": "2017-04-18T00:00:00", "dateUpdated": "2024-08-05T16:19:29.504Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2018-20250 (GCVE-0-2018-20250)
Vulnerability from cvelistv5
Published
2019-02-05 20:00
Modified
2025-07-30 01:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-36 - Absolute Path Traversal
Summary
In WinRAR versions prior to and including 5.61, There is path traversal vulnerability when crafting the filename field of the ACE format (in UNACEV2.dll). When the filename field is manipulated with specific patterns, the destination (extraction) folder is ignored, thus treating the filename as an absolute path.
References
► | URL | Tags | ||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Check Point Software Technologies Ltd. | WinRAR |
Version: All versions prior and including 5.61 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T11:58:19.126Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/blau72/CVE-2018-20250-WinRAR-ACE" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://research.checkpoint.com/extracting-code-execution-from-winrar/" }, { "name": "46552", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/46552/" }, { "name": "106948", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/106948" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.win-rar.com/whatsnew.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/152618/RARLAB-WinRAR-ACE-Format-Input-Validation-Remote-Code-Execution.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.rapid7.com/db/modules/exploit/windows/fileformat/winrar_ace" }, { "name": "46756", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/46756/" } ], "title": "CVE Program Container" }, { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2018-20250", "options": [ { "Exploitation": "active" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-02-07T13:40:28.345239Z", "version": "2.0.3" }, "type": "ssvc" } }, { "other": { "content": { "dateAdded": "2022-02-15", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-20250" }, "type": "kev" } } ], "providerMetadata": { "dateUpdated": "2025-07-30T01:46:08.642Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "timeline": [ { "lang": "en", "time": "2022-02-15T00:00:00+00:00", "value": "CVE-2018-20250 added to CISA KEV" } ], "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "WinRAR", "vendor": "Check Point Software Technologies Ltd.", "versions": [ { "status": "affected", "version": "All versions prior and including 5.61" } ] } ], "datePublic": "2019-02-05T00:00:00.000Z", "descriptions": [ { "lang": "en", "value": "In WinRAR versions prior to and including 5.61, There is path traversal vulnerability when crafting the filename field of the ACE format (in UNACEV2.dll). When the filename field is manipulated with specific patterns, the destination (extraction) folder is ignored, thus treating the filename as an absolute path." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-36", "description": "CWE-36: Absolute Path Traversal", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2019-04-25T18:06:08.000Z", "orgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45", "shortName": "checkpoint" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/blau72/CVE-2018-20250-WinRAR-ACE" }, { "tags": [ "x_refsource_MISC" ], "url": "https://research.checkpoint.com/extracting-code-execution-from-winrar/" }, { "name": "46552", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/46552/" }, { "name": "106948", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/106948" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.win-rar.com/whatsnew.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/152618/RARLAB-WinRAR-ACE-Format-Input-Validation-Remote-Code-Execution.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.rapid7.com/db/modules/exploit/windows/fileformat/winrar_ace" }, { "name": "46756", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/46756/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@checkpoint.com", "DATE_PUBLIC": "2019-02-05T00:00:00", "ID": "CVE-2018-20250", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "WinRAR", "version": { "version_data": [ { "version_value": "All versions prior and including 5.61" } ] } } ] }, "vendor_name": "Check Point Software Technologies Ltd." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In WinRAR versions prior to and including 5.61, There is path traversal vulnerability when crafting the filename field of the ACE format (in UNACEV2.dll). When the filename field is manipulated with specific patterns, the destination (extraction) folder is ignored, thus treating the filename as an absolute path." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-36: Absolute Path Traversal" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/blau72/CVE-2018-20250-WinRAR-ACE", "refsource": "MISC", "url": "https://github.com/blau72/CVE-2018-20250-WinRAR-ACE" }, { "name": "https://research.checkpoint.com/extracting-code-execution-from-winrar/", "refsource": "MISC", "url": "https://research.checkpoint.com/extracting-code-execution-from-winrar/" }, { "name": "46552", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/46552/" }, { "name": "106948", "refsource": "BID", "url": "http://www.securityfocus.com/bid/106948" }, { "name": "https://www.win-rar.com/whatsnew.html", "refsource": "MISC", "url": "https://www.win-rar.com/whatsnew.html" }, { "name": "http://packetstormsecurity.com/files/152618/RARLAB-WinRAR-ACE-Format-Input-Validation-Remote-Code-Execution.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/152618/RARLAB-WinRAR-ACE-Format-Input-Validation-Remote-Code-Execution.html" }, { "name": "http://www.rapid7.com/db/modules/exploit/windows/fileformat/winrar_ace", "refsource": "MISC", "url": "http://www.rapid7.com/db/modules/exploit/windows/fileformat/winrar_ace" }, { "name": "46756", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/46756/" } ] } } } }, "cveMetadata": { "assignerOrgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45", "assignerShortName": "checkpoint", "cveId": "CVE-2018-20250", "datePublished": "2019-02-05T20:00:00.000Z", "dateReserved": "2018-12-19T00:00:00.000Z", "dateUpdated": "2025-07-30T01:46:08.642Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-1296 (GCVE-0-2021-1296)
Vulnerability from cvelistv5
Published
2021-02-04 16:56
Modified
2024-11-08 23:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to conduct directory traversal attacks and overwrite certain files that should be restricted on an affected system. These vulnerabilities are due to insufficient input validation. An attacker could exploit these vulnerabilities by using the web-based management interface to upload a file to location on an affected device that they should not have access to. A successful exploit could allow the attacker to overwrite files on the file system of the affected device.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T16:02:56.387Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20210203 Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers Arbitrary File Write Vulnerabilities", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv160-260-filewrite-7x9mnKjn" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-1296", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-08T20:04:12.962626Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-08T23:43:13.333Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Cisco Small Business RV Series Router Firmware", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2021-02-03T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to conduct directory traversal attacks and overwrite certain files that should be restricted on an affected system. These vulnerabilities are due to insufficient input validation. An attacker could exploit these vulnerabilities by using the web-based management interface to upload a file to location on an affected device that they should not have access to. A successful exploit could allow the attacker to overwrite files on the file system of the affected device." } ], "exploits": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-36", "description": "CWE-36", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-02-04T16:56:29", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "20210203 Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers Arbitrary File Write Vulnerabilities", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv160-260-filewrite-7x9mnKjn" } ], "source": { "advisory": "cisco-sa-rv160-260-filewrite-7x9mnKjn", "defect": [ [ "CSCvw19856", "CSCvw22856" ] ], "discovery": "INTERNAL" }, "title": "Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers Arbitrary File Write Vulnerabilities", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2021-02-03T16:00:00", "ID": "CVE-2021-1296", "STATE": "PUBLIC", "TITLE": "Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers Arbitrary File Write Vulnerabilities" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Cisco Small Business RV Series Router Firmware", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "Cisco" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to conduct directory traversal attacks and overwrite certain files that should be restricted on an affected system. These vulnerabilities are due to insufficient input validation. An attacker could exploit these vulnerabilities by using the web-based management interface to upload a file to location on an affected device that they should not have access to. A successful exploit could allow the attacker to overwrite files on the file system of the affected device." } ] }, "exploit": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory." } ], "impact": { "cvss": { "baseScore": "7.5", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-36" } ] } ] }, "references": { "reference_data": [ { "name": "20210203 Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers Arbitrary File Write Vulnerabilities", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv160-260-filewrite-7x9mnKjn" } ] }, "source": { "advisory": "cisco-sa-rv160-260-filewrite-7x9mnKjn", "defect": [ [ "CSCvw19856", "CSCvw22856" ] ], "discovery": "INTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2021-1296", "datePublished": "2021-02-04T16:56:29.396167Z", "dateReserved": "2020-11-13T00:00:00", "dateUpdated": "2024-11-08T23:43:13.333Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-1297 (GCVE-0-2021-1297)
Vulnerability from cvelistv5
Published
2021-02-04 16:56
Modified
2024-11-08 23:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to conduct directory traversal attacks and overwrite certain files that should be restricted on an affected system. These vulnerabilities are due to insufficient input validation. An attacker could exploit these vulnerabilities by using the web-based management interface to upload a file to location on an affected device that they should not have access to. A successful exploit could allow the attacker to overwrite files on the file system of the affected device.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T16:02:56.381Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20210203 Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers Arbitrary File Write Vulnerabilities", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv160-260-filewrite-7x9mnKjn" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-1297", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-08T20:04:15.752330Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-08T23:43:26.246Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Cisco Small Business RV Series Router Firmware", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2021-02-03T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to conduct directory traversal attacks and overwrite certain files that should be restricted on an affected system. These vulnerabilities are due to insufficient input validation. An attacker could exploit these vulnerabilities by using the web-based management interface to upload a file to location on an affected device that they should not have access to. A successful exploit could allow the attacker to overwrite files on the file system of the affected device." } ], "exploits": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-36", "description": "CWE-36", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-02-04T16:56:24", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "20210203 Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers Arbitrary File Write Vulnerabilities", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv160-260-filewrite-7x9mnKjn" } ], "source": { "advisory": "cisco-sa-rv160-260-filewrite-7x9mnKjn", "defect": [ [ "CSCvw19856", "CSCvw22856" ] ], "discovery": "INTERNAL" }, "title": "Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers Arbitrary File Write Vulnerabilities", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2021-02-03T16:00:00", "ID": "CVE-2021-1297", "STATE": "PUBLIC", "TITLE": "Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers Arbitrary File Write Vulnerabilities" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Cisco Small Business RV Series Router Firmware", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "Cisco" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to conduct directory traversal attacks and overwrite certain files that should be restricted on an affected system. These vulnerabilities are due to insufficient input validation. An attacker could exploit these vulnerabilities by using the web-based management interface to upload a file to location on an affected device that they should not have access to. A successful exploit could allow the attacker to overwrite files on the file system of the affected device." } ] }, "exploit": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory." } ], "impact": { "cvss": { "baseScore": "7.5", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-36" } ] } ] }, "references": { "reference_data": [ { "name": "20210203 Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers Arbitrary File Write Vulnerabilities", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv160-260-filewrite-7x9mnKjn" } ] }, "source": { "advisory": "cisco-sa-rv160-260-filewrite-7x9mnKjn", "defect": [ [ "CSCvw19856", "CSCvw22856" ] ], "discovery": "INTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2021-1297", "datePublished": "2021-02-04T16:56:24.572637Z", "dateReserved": "2020-11-13T00:00:00", "dateUpdated": "2024-11-08T23:43:26.246Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-1617 (GCVE-0-2021-1617)
Vulnerability from cvelistv5
Published
2021-07-22 15:20
Modified
2024-11-07 22:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Intersight Virtual Appliance could allow an authenticated, remote attacker to conduct a path traversal or command injection attack on an affected system. These vulnerabilities are due to insufficient input validation. An attacker could exploit these vulnerabilities by using the web-based management interface to do one or both of the following: Execute a command using crafted input Upload a file that has been altered using path traversal techniques A successful exploit could allow the attacker to read and write arbitrary files or execute arbitrary commands as root on an affected system. For more information about these vulnerabilities, see the Details section of this advisory.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Cisco | Cisco Intersight Virtual Appliance |
Version: n/a |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T16:18:11.132Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20210721 Cisco Intersight Virtual Appliance Vulnerabilities", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsi2-dtcinj-yH5U4RSx" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-1617", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-11-07T21:43:32.040703Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-07T22:05:43.687Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Cisco Intersight Virtual Appliance", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2021-07-21T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple vulnerabilities in the web-based management interface of Cisco Intersight Virtual Appliance could allow an authenticated, remote attacker to conduct a path traversal or command injection attack on an affected system. These vulnerabilities are due to insufficient input validation. An attacker could exploit these vulnerabilities by using the web-based management interface to do one or both of the following: Execute a command using crafted input Upload a file that has been altered using path traversal techniques A successful exploit could allow the attacker to read and write arbitrary files or execute arbitrary commands as root on an affected system. For more information about these vulnerabilities, see the Details section of this advisory." } ], "exploits": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-36", "description": "CWE-36", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-07-22T15:20:22", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "20210721 Cisco Intersight Virtual Appliance Vulnerabilities", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsi2-dtcinj-yH5U4RSx" } ], "source": { "advisory": "cisco-sa-ucsi2-dtcinj-yH5U4RSx", "defect": [ [ "CSCvy29621", "CSCvy29622" ] ], "discovery": "INTERNAL" }, "title": "Cisco Intersight Virtual Appliance Vulnerabilities", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2021-07-21T16:00:00", "ID": "CVE-2021-1617", "STATE": "PUBLIC", "TITLE": "Cisco Intersight Virtual Appliance Vulnerabilities" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Cisco Intersight Virtual Appliance", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "Cisco" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple vulnerabilities in the web-based management interface of Cisco Intersight Virtual Appliance could allow an authenticated, remote attacker to conduct a path traversal or command injection attack on an affected system. These vulnerabilities are due to insufficient input validation. An attacker could exploit these vulnerabilities by using the web-based management interface to do one or both of the following: Execute a command using crafted input Upload a file that has been altered using path traversal techniques A successful exploit could allow the attacker to read and write arbitrary files or execute arbitrary commands as root on an affected system. For more information about these vulnerabilities, see the Details section of this advisory." } ] }, "exploit": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory." } ], "impact": { "cvss": { "baseScore": "6.5", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-36" } ] } ] }, "references": { "reference_data": [ { "name": "20210721 Cisco Intersight Virtual Appliance Vulnerabilities", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsi2-dtcinj-yH5U4RSx" } ] }, "source": { "advisory": "cisco-sa-ucsi2-dtcinj-yH5U4RSx", "defect": [ [ "CSCvy29621", "CSCvy29622" ] ], "discovery": "INTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2021-1617", "datePublished": "2021-07-22T15:20:22.389518Z", "dateReserved": "2020-11-13T00:00:00", "dateUpdated": "2024-11-07T22:05:43.687Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-1618 (GCVE-0-2021-1618)
Vulnerability from cvelistv5
Published
2021-07-22 15:20
Modified
2024-11-07 22:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Intersight Virtual Appliance could allow an authenticated, remote attacker to conduct a path traversal or command injection attack on an affected system. These vulnerabilities are due to insufficient input validation. An attacker could exploit these vulnerabilities by using the web-based management interface to do one or both of the following: Execute a command using crafted input Upload a file that has been altered using path traversal techniques A successful exploit could allow the attacker to read and write arbitrary files or execute arbitrary commands as root on an affected system. For more information about these vulnerabilities, see the Details section of this advisory.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Cisco | Cisco Intersight Virtual Appliance |
Version: n/a |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T16:18:10.975Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20210721 Cisco Intersight Virtual Appliance Vulnerabilities", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsi2-dtcinj-yH5U4RSx" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-1618", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-11-07T21:43:33.942432Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-07T22:05:50.233Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Cisco Intersight Virtual Appliance", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2021-07-21T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple vulnerabilities in the web-based management interface of Cisco Intersight Virtual Appliance could allow an authenticated, remote attacker to conduct a path traversal or command injection attack on an affected system. These vulnerabilities are due to insufficient input validation. An attacker could exploit these vulnerabilities by using the web-based management interface to do one or both of the following: Execute a command using crafted input Upload a file that has been altered using path traversal techniques A successful exploit could allow the attacker to read and write arbitrary files or execute arbitrary commands as root on an affected system. For more information about these vulnerabilities, see the Details section of this advisory." } ], "exploits": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-36", "description": "CWE-36", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-07-22T15:20:16", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "20210721 Cisco Intersight Virtual Appliance Vulnerabilities", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsi2-dtcinj-yH5U4RSx" } ], "source": { "advisory": "cisco-sa-ucsi2-dtcinj-yH5U4RSx", "defect": [ [ "CSCvy29621", "CSCvy29622" ] ], "discovery": "INTERNAL" }, "title": "Cisco Intersight Virtual Appliance Vulnerabilities", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2021-07-21T16:00:00", "ID": "CVE-2021-1618", "STATE": "PUBLIC", "TITLE": "Cisco Intersight Virtual Appliance Vulnerabilities" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Cisco Intersight Virtual Appliance", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "Cisco" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple vulnerabilities in the web-based management interface of Cisco Intersight Virtual Appliance could allow an authenticated, remote attacker to conduct a path traversal or command injection attack on an affected system. These vulnerabilities are due to insufficient input validation. An attacker could exploit these vulnerabilities by using the web-based management interface to do one or both of the following: Execute a command using crafted input Upload a file that has been altered using path traversal techniques A successful exploit could allow the attacker to read and write arbitrary files or execute arbitrary commands as root on an affected system. For more information about these vulnerabilities, see the Details section of this advisory." } ] }, "exploit": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory." } ], "impact": { "cvss": { "baseScore": "6.5", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-36" } ] } ] }, "references": { "reference_data": [ { "name": "20210721 Cisco Intersight Virtual Appliance Vulnerabilities", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsi2-dtcinj-yH5U4RSx" } ] }, "source": { "advisory": "cisco-sa-ucsi2-dtcinj-yH5U4RSx", "defect": [ [ "CSCvy29621", "CSCvy29622" ] ], "discovery": "INTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2021-1618", "datePublished": "2021-07-22T15:20:16.633697Z", "dateReserved": "2020-11-13T00:00:00", "dateUpdated": "2024-11-07T22:05:50.233Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-21586 (GCVE-0-2021-21586)
Vulnerability from cvelistv5
Published
2021-07-15 16:15
Modified
2024-09-17 01:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-36 - Absolute Path Traversal
Summary
Wyse Management Suite versions 3.2 and earlier contain an absolute path traversal vulnerability. A remote authenticated malicious user could exploit this vulnerability in order to read arbitrary files on the system.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Dell | Wyse Management Suite |
Version: unspecified < 3.3 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T18:16:23.440Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.dell.com/support/kbdoc/000189363" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Wyse Management Suite", "vendor": "Dell", "versions": [ { "lessThan": "3.3", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "datePublic": "2021-07-06T00:00:00", "descriptions": [ { "lang": "en", "value": "Wyse Management Suite versions 3.2 and earlier contain an absolute path traversal vulnerability. A remote authenticated malicious user could exploit this vulnerability in order to read arbitrary files on the system." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-36", "description": "CWE-36: Absolute Path Traversal", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-07-15T16:15:12", "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "shortName": "dell" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.dell.com/support/kbdoc/000189363" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@dell.com", "DATE_PUBLIC": "2021-07-06", "ID": "CVE-2021-21586", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Wyse Management Suite", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "3.3" } ] } } ] }, "vendor_name": "Dell" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Wyse Management Suite versions 3.2 and earlier contain an absolute path traversal vulnerability. A remote authenticated malicious user could exploit this vulnerability in order to read arbitrary files on the system." } ] }, "impact": { "cvss": { "baseScore": 8.1, "baseSeverity": "High", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-36: Absolute Path Traversal" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.dell.com/support/kbdoc/000189363", "refsource": "MISC", "url": "https://www.dell.com/support/kbdoc/000189363" } ] } } } }, "cveMetadata": { "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "assignerShortName": "dell", "cveId": "CVE-2021-21586", "datePublished": "2021-07-15T16:15:12.894335Z", "dateReserved": "2021-01-04T00:00:00", "dateUpdated": "2024-09-17T01:31:36.108Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-30173 (GCVE-0-2021-30173)
Vulnerability from cvelistv5
Published
2021-05-07 09:30
Modified
2024-09-17 00:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-36 - Absolute Path Traversal
Summary
Local File Inclusion vulnerability of the omni-directional communication system allows remote authenticated attacker inject absolute path into Url parameter and access arbitrary file.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Jun-He Technology Ltd. | Quan-Fang-Wei-Tong-Xun system |
Version: 2007.2103 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T22:24:59.564Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.twcert.org.tw/tw/cp-132-4712-7ade4-1.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Quan-Fang-Wei-Tong-Xun system", "vendor": "Jun-He Technology Ltd.", "versions": [ { "status": "affected", "version": "2007.2103" } ] } ], "datePublic": "2021-05-07T00:00:00", "descriptions": [ { "lang": "en", "value": "Local File Inclusion vulnerability of the omni-directional communication system allows remote authenticated attacker inject absolute path into Url parameter and access arbitrary file." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-36", "description": "CWE-36 Absolute Path Traversal", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-05-07T09:30:26", "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "shortName": "twcert" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.twcert.org.tw/tw/cp-132-4712-7ade4-1.html" } ], "solutions": [ { "lang": "en", "value": "Update version to 2007.2104" } ], "source": { "advisory": "TVN-202104010", "discovery": "EXTERNAL" }, "title": "Jun-He Technology Ltd. Quan-Fang-Wei-Tong-Xun system - Local File Inclusion", "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "AKA": "TWCERT/CC", "ASSIGNER": "cve@cert.org.tw", "DATE_PUBLIC": "2021-05-07T09:17:00.000Z", "ID": "CVE-2021-30173", "STATE": "PUBLIC", "TITLE": "Jun-He Technology Ltd. Quan-Fang-Wei-Tong-Xun system - Local File Inclusion" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Quan-Fang-Wei-Tong-Xun system", "version": { "version_data": [ { "version_affected": "=", "version_value": "2007.2103" } ] } } ] }, "vendor_name": "Jun-He Technology Ltd." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Local File Inclusion vulnerability of the omni-directional communication system allows remote authenticated attacker inject absolute path into Url parameter and access arbitrary file." } ] }, "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-36 Absolute Path Traversal" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.twcert.org.tw/tw/cp-132-4712-7ade4-1.html", "refsource": "MISC", "url": "https://www.twcert.org.tw/tw/cp-132-4712-7ade4-1.html" } ] }, "solution": [ { "lang": "en", "value": "Update version to 2007.2104" } ], "source": { "advisory": "TVN-202104010", "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "assignerShortName": "twcert", "cveId": "CVE-2021-30173", "datePublished": "2021-05-07T09:30:26.202808Z", "dateReserved": "2021-04-06T00:00:00", "dateUpdated": "2024-09-17T00:45:54.724Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-32506 (GCVE-0-2021-32506)
Vulnerability from cvelistv5
Published
2021-07-07 14:11
Modified
2024-09-16 18:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-36 - Absolute Path Traversal
Summary
Absolute Path Traversal vulnerability in GetImage in QSAN Storage Manager allows remote authenticated attackers download arbitrary files via the Url path parameter. The referred vulnerability has been solved with the updated version of QSAN Storage Manager v3.3.3 .
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
QSAN | Storage Manager |
Version: unspecified < |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T23:17:29.561Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.twcert.org.tw/tw/cp-132-4862-f8b86-1.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Storage Manager", "vendor": "QSAN", "versions": [ { "lessThanOrEqual": "3.3.1", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "datePublic": "2021-07-07T00:00:00", "descriptions": [ { "lang": "en", "value": "Absolute Path Traversal vulnerability in GetImage in QSAN Storage Manager allows remote authenticated attackers download arbitrary files via the Url path parameter. The referred vulnerability has been solved with the updated version of QSAN Storage Manager v3.3.3 ." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-36", "description": "CWE-36 Absolute Path Traversal", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-07-22T10:32:25", "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "shortName": "twcert" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.twcert.org.tw/tw/cp-132-4862-f8b86-1.html" } ], "solutions": [ { "lang": "en", "value": "QSAN Storage Manager v3.3.3" } ], "source": { "advisory": "TVN-202104011", "discovery": "EXTERNAL" }, "title": "QSAN Storage Manager - Absolute Path Traversal via GetImage function", "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "AKA": "TWCERT/CC", "ASSIGNER": "cve@cert.org.tw", "DATE_PUBLIC": "2021-07-07T08:59:00.000Z", "ID": "CVE-2021-32506", "STATE": "PUBLIC", "TITLE": "QSAN Storage Manager - Absolute Path Traversal via GetImage function" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Storage Manager", "version": { "version_data": [ { "version_affected": "\u003c=", "version_value": "3.3.1" } ] } } ] }, "vendor_name": "QSAN" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Absolute Path Traversal vulnerability in GetImage in QSAN Storage Manager allows remote authenticated attackers download arbitrary files via the Url path parameter. The referred vulnerability has been solved with the updated version of QSAN Storage Manager v3.3.3 ." } ] }, "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-36 Absolute Path Traversal" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.twcert.org.tw/tw/cp-132-4862-f8b86-1.html", "refsource": "MISC", "url": "https://www.twcert.org.tw/tw/cp-132-4862-f8b86-1.html" } ] }, "solution": [ { "lang": "en", "value": "QSAN Storage Manager v3.3.3" } ], "source": { "advisory": "TVN-202104011", "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "assignerShortName": "twcert", "cveId": "CVE-2021-32506", "datePublished": "2021-07-07T14:11:39.173671Z", "dateReserved": "2021-05-10T00:00:00", "dateUpdated": "2024-09-16T18:03:21.221Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-32507 (GCVE-0-2021-32507)
Vulnerability from cvelistv5
Published
2021-07-07 14:11
Modified
2024-09-16 17:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-36 - Absolute Path Traversal
Summary
Absolute Path Traversal vulnerability in FileDownload in QSAN Storage Manager allows remote authenticated attackers download arbitrary files via the Url path parameter. The referred vulnerability has been solved with the updated version of QSAN Storage Manager v3.3.3.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
QSAN | Storage Manager |
Version: unspecified < |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T23:17:29.541Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.twcert.org.tw/tw/cp-132-4863-57d4a-1.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Storage Manager", "vendor": "QSAN", "versions": [ { "lessThanOrEqual": "3.3.1", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "datePublic": "2021-07-07T00:00:00", "descriptions": [ { "lang": "en", "value": "Absolute Path Traversal vulnerability in FileDownload in QSAN Storage Manager allows remote authenticated attackers download arbitrary files via the Url path parameter. The referred vulnerability has been solved with the updated version of QSAN Storage Manager v3.3.3." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-36", "description": "CWE-36 Absolute Path Traversal", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-07-22T10:32:27", "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "shortName": "twcert" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.twcert.org.tw/tw/cp-132-4863-57d4a-1.html" } ], "solutions": [ { "lang": "en", "value": "QSAN Storage Manager v3.3.3" } ], "source": { "advisory": "TVN-202104012", "discovery": "EXTERNAL" }, "title": "QSAN Storage Manager - Absolute Path Traversal via FileDownload function", "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "AKA": "TWCERT/CC", "ASSIGNER": "cve@cert.org.tw", "DATE_PUBLIC": "2021-07-07T09:11:00.000Z", "ID": "CVE-2021-32507", "STATE": "PUBLIC", "TITLE": "QSAN Storage Manager - Absolute Path Traversal via FileDownload function" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Storage Manager", "version": { "version_data": [ { "version_affected": "\u003c=", "version_value": "3.3.1" } ] } } ] }, "vendor_name": "QSAN" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Absolute Path Traversal vulnerability in FileDownload in QSAN Storage Manager allows remote authenticated attackers download arbitrary files via the Url path parameter. The referred vulnerability has been solved with the updated version of QSAN Storage Manager v3.3.3." } ] }, "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-36 Absolute Path Traversal" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.twcert.org.tw/tw/cp-132-4863-57d4a-1.html", "refsource": "MISC", "url": "https://www.twcert.org.tw/tw/cp-132-4863-57d4a-1.html" } ] }, "solution": [ { "lang": "en", "value": "QSAN Storage Manager v3.3.3" } ], "source": { "advisory": "TVN-202104012", "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "assignerShortName": "twcert", "cveId": "CVE-2021-32507", "datePublished": "2021-07-07T14:11:40.823137Z", "dateReserved": "2021-05-10T00:00:00", "dateUpdated": "2024-09-16T17:38:03.443Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
No mitigation information available for this CWE.
CAPEC-597: Absolute Path Traversal
An adversary with access to file system resources, either directly or via application logic, will use various file absolute paths and navigation mechanisms such as ".." to extend their range of access to inappropriate areas of the file system. The goal of the adversary is to access directories and files that are intended to be restricted from their access.