CVE-2024-20345

Published: 06/03/2024 Updated: 07/03/2024

Vulnerability Summary

A vulnerability in the file upload functionality of Cisco AppDynamics Controller could allow an authenticated, remote malicious user to conduct directory traversal attacks on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to an affected device. A successful exploit could allow the malicious user to access sensitive data on an affected device.

Recent Articles

CISA urges software devs to weed out path traversal vulnerabilities
BleepingComputer • Sergiu Gatlan • 02 May 2024

CISA and the FBI urged software companies today to review their products and eliminate path traversal security vulnerabilities before shipping. Attackers can exploit path traversal vulnerabilities (also known as directory traversal) to create or overwrite critical files used to execute code or bypass security mechanisms like authentication. Such security flaws can also let threat actors...

CISA says 'no more' to decades-old directory traversal bugs
The Register

Recent attacks on healthcare thrust infosec agency into alert mode

CISA is calling on the software industry to stamp out directory traversal vulnerabilities following recent high-profile exploits of the 20-year-old class of bugs. As part of its long-running series of alerts that promote secure-by-design practices in software, the US cybersecurity agency bemoaned the fact these vulnerabilities exist, despite approaches to eliminate them being established for over two decades. Directory traversals see users manipulating inputs to gain access to data, sometimes wi...