Published: 14/07/2023 Updated: 31/07/2023

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 0

Copyparty is a portable file server. Versions before 1.8.2 are subject to a path traversal vulnerability detected in the `.cpr` subfolder. The Path Traversal attack technique allows an attacker access to files, directories, and commands that reside outside the web document root directory. This issue has been addressed in commit `043e3c7d` which has been included in release 1.8.2. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Vulnerable Product	Search on Vulmon	Subscribe to Product
copyparty project copyparty

Check Point Reference: CPAI-2023-1630 Date Published: 4 Apr 2024 Severity: High ...

Copyparty version 182 suffers from a directory traversal vulnerability ...

CWE-22 https://github.com/9001/copyparty/security/advisories/GHSA-pxfv-7rr3-2qjg https://github.com/9001/copyparty/commit/043e3c7dd683113e2b1c15cacb9c8e68f76513ff http://packetstormsecurity.com/files/173822/Copyparty-1.8.2-Directory-Traversal.html https://nvd.nist.gov https://packetstormsecurity.com/files/173822/Copyparty-1.8.2-Directory-Traversal.html https://advisories.checkpoint.com/defense/advisories/public/2024/cpai-2023-1630.html

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2023-37474

Vulnerability Summary

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect