Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
path traversal vulnerabilities and exploits
(subscribe to this query)
6.7
CVSSv3
CVE-2019-1952
A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local malicious user to overwrite or read arbitrary files. The attacker would need valid administrator privilege-level credentials. This vulnerability is due to improp...
Cisco Enterprise Network Function Virtualization Infrastructure
6.7
CVSSv3
CVE-2020-3236
A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local malicious user to gain root shell access to the underlying operating system and overwrite or read arbitrary files. The attacker would need valid administrative c...
Cisco Enterprise Network Function Virtualization Infrastructure
8.8
CVSSv3
CVE-2020-3383
A vulnerability in the archive utility of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote malicious user to conduct directory traversal attacks on an affected device. The vulnerability is due to a lack of proper input validation of paths that are emb...
Cisco Data Center Network Manager
6.5
CVSSv3
CVE-2020-3401
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote malicious user to conduct path traversal attacks and obtain read access to sensitive files on an affected system. The vulnerability is due to insufficient v...
Cisco Sd-wan Firmware
4.9
CVSSv3
CVE-2020-3490
A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an authenticated, remote attacker with administrative privileges to conduct directory traversal attacks and obtain read access to sensitive files on an affected system. The ...
Cisco Vision Dynamic Signage Director 6.2.0
8.1
CVSSv3
CVE-2020-3519
A vulnerability in a specific REST API method of Cisco Data Center Network Manager (DCNM) Software could allow an authenticated, remote malicious user to conduct a path traversal attack on an affected device. The vulnerability is due to insufficient validation of user-supplied in...
Cisco Data Center Network Manager
6.5
CVSSv3
CVE-2020-26065
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote malicious user to conduct path traversal attacks and obtain read access to sensitive files on an affected system. The vulnerability is due to insufficient v...
Cisco Catalyst Sd-wan Manager 17.2.6
Cisco Catalyst Sd-wan Manager 17.2.7
Cisco Catalyst Sd-wan Manager 17.2.5
Cisco Catalyst Sd-wan Manager 18.3.1.1
Cisco Catalyst Sd-wan Manager 18.3.3.1
Cisco Catalyst Sd-wan Manager 18.3.3
Cisco Catalyst Sd-wan Manager 18.3.1
Cisco Catalyst Sd-wan Manager 18.3.0
Cisco Catalyst Sd-wan Manager 18.4.0.1
Cisco Catalyst Sd-wan Manager 18.4.3
Cisco Catalyst Sd-wan Manager 18.4.0
Cisco Catalyst Sd-wan Manager 18.4.1
Cisco Catalyst Sd-wan Manager 19.2.0
Cisco Catalyst Sd-wan Manager 19.2.097
Cisco Catalyst Sd-wan Manager 19.2.31
Cisco Catalyst Sd-wan Manager 19.2.929
Cisco Catalyst Sd-wan Manager 20.1.1.1
Cisco Catalyst Sd-wan Manager 20.1.12
Cisco Catalyst Sd-wan Manager 20.3.1
Cisco Catalyst Sd-wan Manager 17.2.8
Cisco Catalyst Sd-wan Manager 17.2.9
Cisco Catalyst Sd-wan Manager 17.2.10
6.5
CVSSv3
CVE-2020-27994
SolarWinds Serv-U prior to 15.2.2 allows Authenticated Directory Traversal.
Solarwinds Serv-u
1 Github repository
4.3
CVSSv3
CVE-2022-22931
Fix of CVE-2021-40525 do not prepend delimiters upon valid directory validations. Affected implementations include: - maildir mailbox store - Sieve file repository This enables a user to access other users data stores (limited to user names being prefixed by the value of the user...
Apache James 3.6.1
5.4
CVSSv3
CVE-2020-3597
A vulnerability in the configuration restore feature of Cisco Nexus Data Broker software could allow an unauthenticated, remote malicious user to perform a directory traversal attack on an affected device. The vulnerability is due to insufficient validation of configuration backu...
Cisco Nexus Data Broker
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »