CWE-22— Path Traversal
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.— MITRE CWE catalog
8,734 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-22page 41 of 175
- CVE-2017-16605MEDIUMCVSS 6.5EG 6.52018-01-23
This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing a…
- CVE-2017-16606HIGHCVSS 8.8EG 8.82018-01-23
This vulnerability allows remote attackers to execute code by creating arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability,…
- CVE-2017-16610CRITICALCVSS 9.8EG 9.82018-01-23
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Netgain Enterprise Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within upload_save_do.js…
- CVE-2017-16654HIGHCVSS 7.5EG 7.52018-08-06
An issue was discovered in Symfony before 2.7.38, 2.8.31, 3.2.14, 3.3.13, 3.4-BETA5, and 4.0-BETA5. The Intl component includes various bundle readers that are used to read resource bundles from the local filesystem. The read() methods of …
- CVE-2017-1671HIGHCVSS 7.5EG 7.52018-01-09
IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on…
- CVE-2017-16720CRITICALCVSS 9.8EG 9.82018-01-05
A Path Traversal issue was discovered in WebAccess versions 8.3.2 and earlier. An attacker has access to files within the directory structure of the target device.
- CVE-2017-16744HIGHCVSS 7.2EG 7.22018-08-20
A path traversal vulnerability in Tridium Niagara AX Versions 3.8 and prior and Niagara 4 systems Versions 4.4 and prior installed on Microsoft Windows Systems can be exploited by leveraging valid platform (administrator) credentials.
- CVE-2017-16814MEDIUMCVSS 5.5EG 5.52018-02-26
A Directory Traversal issue was discovered in the Foxit MobilePDF app before 6.1 for iOS. This occurs by abusing the URL + escape character during a Wi-Fi transfer, which could be exploited by attackers to bypass intended restrictions on l…
- CVE-2017-16859MEDIUMCVSS 6.5EG 6.52018-06-28
The review attachment resource in Atlassian Fisheye and Crucible before version 4.3.2, from version 4.4.0 before 4.4.3 and before version 4.5.0 allows remote attackers to read files contained within context path of the running application …
- CVE-2017-16922MEDIUMCVSS 5.3EG 5.32018-03-05
In com.wowza.wms.timedtext.http.HTTPProviderCaptionFile in Wowza Streaming Engine before 4.7.1, traversal of the directory structure and retrieval of a file are possible via a remote, specifically crafted HTTP request.
- CVE-2017-17108CRITICALCVSS 9.8EG 9.82018-02-03
Path traversal vulnerability in the administrative panel in KonaKart eCommerce Platform version 8.7 and earlier could allow an attacker to download system files, as well as upload specially crafted JSP files and in turn gain access to the …
- CVE-2017-17223HIGHCVSS 8.8EG 8.82018-03-09
Huawei eSpace 7910 V200R003C30; eSpace 7950 V200R003C30; eSpace 8950 V200R003C00; V200R003C30 have a directory traversal vulnerability. An authenticated, remote attacker can craft specific URL to the affected products. Due to insufficient …
- CVE-2017-1723MEDIUMCVSS 6.5EG 6.52018-04-26
IBM Security QRadar SIEM 7.2 and 7.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. I…
- CVE-2017-17309HIGHCVSS 7.5EG 7.52018-06-14
Huawei HG255s-10 V100R001C163B025SP02 has a path traversal vulnerability due to insufficient validation of the received HTTP requests, a remote attacker may access the local files on the device without authentication.
- CVE-2017-1749MEDIUMCVSS 5.3EG 5.32018-08-13
IBM UrbanCode Deploy 6.1 through 6.9.6.0 could allow a remote attacker to traverse directories on the system. An unauthenticated attacker could alter UCD deployments. IBM X-Force ID: 135522.
- CVE-2017-17662HIGHCVSS 7.5EG 7.52018-01-10
Directory traversal in the HTTP server on Yawcam 0.2.6 through 0.6.0 devices allows attackers to read arbitrary files through a sequence of the form '.x./' or '....\x/' where x is a pattern composed of one or more (zero or more for the sec…
- CVE-2017-18037MEDIUMCVSS 6.5EG 6.52018-02-02
The git repository tag rest resource in Atlassian Bitbucket Server from version 3.7.0 before 4.14.11 (the fixed version for 4.14.x), from version 5.0.0 before 5.0.9 (the fixed version for 5.0.x), from version 5.1.0 before 5.1.8 (the fixed …
- CVE-2017-18038MEDIUMCVSS 5.3EG 5.32018-02-02
The repository settings resource in Atlassian Bitbucket Server before version 5.6.0 allows remote attackers to read the first line of arbitrary files via a path traversal vulnerability through the default branch name.
- CVE-2017-18196LOWCVSS 3.3EG 3.32018-02-23
Leptonica 1.74.4 constructs unintended pathnames (containing duplicated path components) when operating on files in /tmp subdirectories, which might allow local users to bypass intended file restrictions by leveraging access to a directory…
- CVE-2017-18263HIGHCVSS 7.5EG 7.52018-04-28
Seagate Media Server in Seagate Personal Cloud before 4.3.18.4 has directory traversal in getPhotoPlaylistPhotos.psp via a parameter named url.
- CVE-2017-18354HIGHCVSS 7.5EG 7.52018-12-17
Rendertron 1.0.0 allows for alternative protocols such as 'file://' introducing a Local File Inclusion (LFI) bug where arbitrary files can be read by a remote attacker.
- CVE-2017-18448MEDIUMCVSS 5.3EG 5.32019-08-02
cPanel before 64.0.21 allows certain file-read operations via a Serverinfo_manpage API call (SEC-252).
- CVE-2017-18585HIGHCVSS 8.1EG 8.12019-08-22
The posts-in-page plugin before 1.3.0 for WordPress has ic_add_posts template='../ directory traversal.
- CVE-2017-18586CRITICALCVSS 9.1EG 9.12019-08-22
The insert-pages plugin before 3.2.4 for WordPress has directory traversal via custom template paths.
- CVE-2017-18636HIGHCVSS 7.5EG 7.52019-09-30
CDG through 2017-01-01 allows downloadDocument.jsp?command=download&pathAndName= directory traversal.
- CVE-2017-18824LOWCVSS 3.3EG 3.32020-04-20
Certain NETGEAR devices are affected by directory traversal. This affects M4300-28G before 12.0.2.15, M4300-52G before 12.0.2.15, M4300-28G-POE+ before 12.0.2.15, M4300-52G-POE+ before 12.0.2.15, M4300-8X8F before 12.0.2.15, M4300-12X12F b…
- CVE-2017-18874MEDIUMCVSS 6.5EG 6.52020-06-19
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2 when local storage for files is used. A System Admin can achieve directory traversal.
- CVE-2017-18912CRITICALCVSS 9.8EG 9.82020-06-19
An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. It allows an attacker to specify a full pathname of a log file.
- CVE-2017-20102MEDIUMCVSS 4.4EG 5.52022-06-27
A vulnerability was found in Album Lock 4.0 and classified as critical. Affected by this issue is some unknown functionality of the file /getImage. The manipulation of the argument filePaht leads to path traversal. Attacking locally is a r…
- CVE-2017-20105MEDIUMCVSS 5.4EG 8.12022-06-28
A vulnerability was found in Simplessus 3.7.7. It has been rated as critical. This issue affects some unknown processing. The manipulation of the argument path with the input ..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2…
- CVE-2017-20145MEDIUMCVSS 6.3EG 9.82022-07-25
A vulnerability was found in Tecrail Responsive Filemanger up to 9.10.x and classified as critical. The manipulation leads to path traversal. The attack may be launched remotely. The exploit has been disclosed to the public and may be used…
- CVE-2017-20152LOWCVSS 3.1EG 7.52022-12-30
A vulnerability, which was classified as problematic, was found in aerouk imageserve. Affected is an unknown function of the file public/viewer.php of the component File Handler. The manipulation of the argument filelocation leads to path …
- CVE-2017-20181MEDIUMCVSS 5.3EG 5.52023-03-07
A vulnerability classified as critical was found in hgzojer Vocable Trainer up to 1.3.0 on Android. This vulnerability affects unknown code of the file src/at/hgz/vocabletrainer/VocableTrainerProvider.java. The manipulation leads to path t…
- CVE-2017-20184HIGHCVSS 7.5EG 7.52023-05-04
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Carlo Gavazzi Powersoft up to version 2.1.1.1 allows an unauthenticated, remote attacker to download any file from the affected device.
- CVE-2017-20212MEDIUMCVSS 6.2EG 6.22026-01-08
FLIR Thermal Camera F/FC/PT/D firmware version 8.0.0.64 contains an information disclosure vulnerability that allows unauthenticated attackers to read arbitrary files through unverified input parameters. Attackers can exploit the /var/www/…
- CVE-2017-20248HIGHCVSS 7.5EG 7.52026-06-09
Apptha Slider Gallery 1.0 contains a path traversal vulnerability that allows unauthenticated attackers to download arbitrary files by manipulating the imgname parameter. Attackers can send requests to asgallDownload.php with directory tra…
- CVE-2017-20250HIGHCVSS 7.5EG 7.52026-06-09
Mac Photo Gallery 3.0 contains a path traversal vulnerability that allows unauthenticated attackers to download arbitrary files by manipulating the albid parameter. Attackers can send requests to macdownload.php with directory traversal se…
- CVE-2017-2594MEDIUMCVSS 5.4EG 5.42018-05-08
hawtio before versions 2.0-beta-1, 2.0-beta-2 2.0-m1, 2.0-m2, 2.0-m3, and 1.5 is vulnerable to a path traversal that leads to a NullPointerException with a full stacktrace. An attacker could use this flaw to gather undisclosed information …
- CVE-2017-2595HIGHCVSS 7.7EG 6.52018-07-27
It was found that the log file viewer in Red Hat JBoss Enterprise Application 6 and 7 allows arbitrary file read to authenticated user via path traversal.
- CVE-2017-2627HIGHCVSS 8.2EG 8.22018-08-22
A flaw was found in openstack-tripleo-common as shipped with Red Hat Openstack Enterprise 10 and 11. The sudoers file as installed with OSP's openstack-tripleo-common package is much too permissive. It contains several lines for the mistra…
- CVE-2017-3188MEDIUMCVSS 6.5EG 6.52018-07-24
The dotCMS administration panel, versions 3.7.1 and earlier, "Push Publishing" feature in Enterprise Pro is vulnerable to path traversal. When "Bundle" tar.gz archives uploaded to the Push Publishing feature are decompressed, the filenames…
- CVE-2017-5381HIGHCVSS 7.5EG 7.52018-06-11
The "export" function in the Certificate Viewer can force local filesystem navigation when the "common name" in a certificate contains slashes, allowing certificate content to be saved in unsafe locations with an arbitrary filename. This v…
- CVE-2017-6020MEDIUMCVSS 5.3EG 5.32018-04-17
Leao Consultoria e Desenvolvimento de Sistemas (LCDS) LTDA ME LAquis SCADA software versions prior to version 4.1.0.3237 do not neutralize external input to ensure that users are not calling for absolute path sequences outside of their pri…
- CVE-2017-8947CRITICALCVSS 9.8EG 9.82018-02-15
A Remote Code Execution vulnerability in HPE UCMDB version v10.10, v10.11, v10.20, v10.21, v10.22, v10.30, v10.31 was found.
- CVE-2017-8961HIGHCVSS 8.8EG 8.82018-02-15
A directory traversal vulnerability in HPE Intelligent Management Center (IMC) PLAT 7.3 E0504P02 could allow remote code execution.
- CVE-2017-9270HIGHCVSS 8.7EG 9.12018-03-01
In cryptctl before version 2.0 a malicious server could send RPC requests that could overwrite files outside of the cryptctl key database.
- CVE-2017-9382MEDIUMCVSS 6.5EG 6.52019-06-17
An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides UPnP services that are available on port 3480 and can also be accessed via port 80 using the url "/port_3480". It seems that the UPnP service…
- CVE-2017-9386MEDIUMCVSS 6.5EG 6.52019-06-17
An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides a script file called "get_file.sh" which allows a user to retrieve any file stored in the "cmh-ext" folder on the device. However, the "filen…
- CVE-2017-9447HIGHCVSS 7.5EG 7.52018-02-28
In the web interface of Parallels Remote Application Server (RAS) 15.5 Build 16140, a vulnerability exists due to improper validation of the file path when requesting a resource under the "RASHTML5Gateway" directory. A remote, unauthentica…
- CVE-2017-9664CRITICALCVSS 9.8EG 9.82018-05-24
In ABB SREA-01 revisions A, B, C: application versions up to 3.31.5, and SREA-50 revision A: application versions up to 3.32.8, an attacker may access internal files of ABB SREA-01 and SREA-50 legacy remote monitoring tools without any aut…
Map vulnerabilities like CWE-22 to your infrastructure
EchelonGraph correlates every CVE — across CWE-22 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →