CWE-22— Path Traversal
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.— MITRE CWE catalog
8,767 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-22page 74 of 176
- CVE-2021-27461HIGHCVSS 7.5EG 7.52021-05-20
A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected webserver applications allow access to stored data that can be obtained by using specially crafted URLs.
- CVE-2021-27471HIGHCVSS 7.7EG 8.62022-03-23
The parsing mechanism that processes certain file types does not provide input sanitization for file paths. This may allow an attacker to craft malicious files that, when opened by Rockwell Automation Connected Components Workbench v12.00.…
- CVE-2021-27473MEDIUMCVSS 6.1EG 8.22022-03-23
Rockwell Automation Connected Components Workbench v12.00.00 and prior does not sanitize paths specified within the .ccwarc archive file during extraction. This type of vulnerability is also commonly referred to as a Zip Slip. A local, aut…
- CVE-2021-27753MEDIUMCVSS 5.5EG 5.52022-02-21
"Sametime Android PathTraversal Vulnerability"
- CVE-2021-27755MEDIUMCVSS 5.5EG 5.52022-02-21
"Sametime Android potential path traversal vulnerability when using File class"
- CVE-2021-27771HIGHCVSS 8.2EG 7.62022-05-12
User SID can be modified resulting in an Arbitrary File Upload or deletion of directories causing a Denial of Service. When interacting in a normal matter with the Sametime chat application, users hold a cookie containing their session ID …
- CVE-2021-27798MEDIUMCVSS 5.5EG 5.52022-08-05
A vulnerability in Brocade Fabric OS versions 7.4.1b and 7.3.1d could allow local users to conduct privileged directory transversal. Brocade Fabric OS versions 7.4.1.x and 7.3.x have reached end of life. Brocade Fabric OS Users should upgr…
- CVE-2021-27825HIGHCVSS 7.5EG 7.52023-05-29
A directory traversal vulnerability on Mercury MAC1200R devices allows attackers to read arbitrary files via a web-static/ URL.
- CVE-2021-27916HIGHCVSS 8.1EG 8.12024-09-17
Prior to the patched version, logged in users of Mautic are vulnerable to Relative Path Traversal/Arbitrary File Deletion. Regardless of the level of access the Mautic user had, they could delete files other than those in the media folders…
- CVE-2021-28042HIGHCVSS 7.8EG 7.82021-03-05
Deutsche Post Mailoptimizer 4.3 before 2020-11-09 allows Directory Traversal via a crafted ZIP archive to the Upload feature or the MO Connect component. This can lead to remote code execution.
- CVE-2021-28149MEDIUMCVSS 6.5EG 9.02021-05-06
Hongdian H8922 3.0.5 devices allow Directory Traversal. The /log_download.cgi log export handler does not validate user input and allows a remote attacker with minimal privileges to download any file from the device by substituting ../ (e.…
- CVE-2021-28172HIGHCVSS 7.5EG 7.52021-04-06
There is a Path Traversal vulnerability in the file download function of Vangene deltaFlow E-platform. Remote attackers can access credential data with this leakage.
- CVE-2021-28205MEDIUMCVSS 4.9EG 4.92021-04-06
The specific function in ASUS BMC’s firmware Web management page (Delete SOL video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to …
- CVE-2021-28206MEDIUMCVSS 4.9EG 4.92021-04-06
The specific function in ASUS BMC’s firmware Web management page (Record video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to acce…
- CVE-2021-28207MEDIUMCVSS 4.9EG 4.92021-04-06
The specific function in ASUS BMC’s firmware Web management page (Get Help file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access s…
- CVE-2021-28208MEDIUMCVSS 4.9EG 4.92021-04-06
The specific function in ASUS BMC’s firmware Web management page (Get video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access …
- CVE-2021-28209MEDIUMCVSS 4.9EG 4.92021-04-06
The specific function in ASUS BMC’s firmware Web management page (Delete video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to acce…
- CVE-2021-28376LOWCVSS 2.7EG 2.72022-01-12
ChronoForms 7.0.7 allows fname Directory Traversal to read arbitrary files.
- CVE-2021-28377MEDIUMCVSS 5.3EG 5.32022-01-12
ChronoForums 2.0.11 allows av Directory Traversal to read arbitrary files.
- CVE-2021-28485MEDIUMCVSS 4.3EG 6.52023-09-14
In Ericsson Mobile Switching Center Server (MSC-S) before IS 3.1 CP22, the SIS web application allows relative path traversal via a specific parameter in the https request after authentication, which allows access to files on the system th…
- CVE-2021-28584MEDIUMCVSS 5.4EG 5.42021-06-28
Magento versions 2.4.2 (and earlier), 2.4.1-p1 (and earlier) and 2.3.6-p1 (and earlier) are affected by a Path Traversal vulnerability when creating a store with child theme.Successful exploitation could lead to arbitrary file system write…
- CVE-2021-28588HIGHCVSS 8.8EG 8.82021-06-28
Adobe RoboHelp Server version 2019.0.9 (and earlier) is affected by a Path Traversal vulnerability when parsing a crafted HTTP POST request. An authenticated attacker could leverage this vulnerability to achieve arbitrary code execution in…
- CVE-2021-28644HIGHCVSS 7.8EG 7.82023-09-06
Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by a Path traversal vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve…
- CVE-2021-28658MEDIUMCVSS 5.3EG 5.32021-04-06
In Django 2.2 before 2.2.20, 3.0 before 3.0.14, and 3.1 before 3.1.8, MultiPartParser allowed directory traversal via uploaded files with suitably crafted file names. Built-in upload handlers were not affected by this vulnerability.
- CVE-2021-28798HIGHCVSS 8.8EG 7.52021-05-21
A relative path traversal vulnerability has been reported to affect QNAP NAS running QTS and QuTS hero. If exploited, this vulnerability allows attackers to modify files that impact system integrity. QNAP have already fixed this vulnerabil…
- CVE-2021-28959CRITICALCVSS 9.8EG 9.82021-04-30
Zoho ManageEngine Eventlog Analyzer through 12147 is vulnerable to unauthenticated directory traversal via an entry in a ZIP archive. This leads to remote code execution.
- CVE-2021-28966HIGHCVSS 7.5EG 7.52021-07-30
In Ruby through 3.0 on Windows, a remote attacker can submit a crafted path when a Web application handles a parameter with TmpDir.
- CVE-2021-29006MEDIUMCVSS 6.5EG 6.52021-10-11
rConfig 3.9.6 is affected by a Local File Disclosure vulnerability. An authenticated user may successfully download any file on the server.
- CVE-2021-29087HIGHCVSS 7.5EG 7.52021-06-23
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in webapi component in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote attackers to write arbitrary files via unspecified ve…
- CVE-2021-29088HIGHCVSS 7.8EG 7.82021-06-01
Improper limitation of a pathname to a restricted directory ('Path Traversal') in cgi component in Synology DiskStation Manager (DSM) before 6.2.4-25553 allows local users to execute arbitrary code via unspecified vectors.
- CVE-2021-29091HIGHCVSS 7.7EG 7.72021-06-02
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in file management component in Synology Photo Station before 6.8.14-3500 allows remote authenticated users to write arbitrary files via unspecifi…
- CVE-2021-29100HIGHCVSS 7.8EG 7.82021-05-05
A path traversal vulnerability exists in Esri ArcGIS Earth versions 1.11.0 and below which allows arbitrary file creation on an affected system through crafted input. An attacker could exploit this vulnerability to gain arbitrary code exec…
- CVE-2021-29101HIGHCVSS 7.5EG 7.52021-05-05
ArcGIS GeoEvent Server versions 10.8.1 and below has a read-only directory path traversal vulnerability that could allow an unauthenticated, remote attacker to perform directory traversal attacks and read arbitrary files on the system.
- CVE-2021-29134MEDIUMCVSS 5.3EG 5.32022-03-15
The avatar middleware in Gitea before 1.13.6 allows Directory Traversal via a crafted URL.
- CVE-2021-29157HIGHCVSS 7.5EG 7.52021-06-28
Dovecot before 2.3.15 allows ../ Path Traversal. An attacker with access to the local filesystem can trick OAuth2 authentication into using an HS256 validation key from an attacker-controlled location. This occurs during use of local JWT v…
- CVE-2021-29212CRITICALCVSS 9.8EG 9.82021-11-01
A remote unauthenticated directory traversal security vulnerability has been identified in HPE iLO Amplifier Pack versions 1.80, 1.81, 1.90 and 1.95. The vulnerability could be remotely exploited to allow an unauthenticated user to run arb…
- CVE-2021-29246MEDIUMCVSS 6.7EG 6.72021-05-05
BTCPay Server through 1.0.7.0 suffers from directory traversal, which allows an attacker with admin privileges to achieve code execution. The attacker must craft a malicious plugin file with special characters to upload the file outside of…
- CVE-2021-29395HIGHCVSS 7.5EG 7.52022-02-04
Directory travesal in /northstar/filemanager/download.jsp in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote unauthenticated users to download arbitrary files, including JSP source code, across the filesystem of the …
- CVE-2021-29398MEDIUMCVSS 5.3EG 5.32022-02-04
Directory traversal in /northstar/Common/NorthFileManager/fileManagerObjects.jsp Northstar Technologies Inc NorthStar Club Management 6.3 allows remote unauthenticated users to browse and list the directories across the entire filesystem o…
- CVE-2021-29417CRITICALCVSS 9.8EG 9.82021-03-29
gitjacker before 0.1.0 allows remote attackers to execute arbitrary code via a crafted .git directory because of directory traversal.
- CVE-2021-29425MEDIUMCVSS 4.8EG 4.82021-04-13
In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly providing access to files in the parent dire…
- CVE-2021-29466MEDIUMCVSS 6.5EG 6.52021-04-22
Discord-Recon is a bot for the Discord chat service. In versions of Discord-Recon 0.0.3 and prior, a remote attacker is able to read local files from the server that can disclose important information. As a workaround, a bot maintainer can…
- CVE-2021-29474MEDIUMCVSS 4.7EG 4.72021-04-26
HedgeDoc (formerly known as CodiMD) is an open-source collaborative markdown editor. An attacker can read arbitrary `.md` files from the server's filesystem due to an improper input validation, which results in the ability to perform a rel…
- CVE-2021-29492HIGHCVSS 8.1EG 8.12021-05-28
Envoy is a cloud-native edge/middle/service proxy. Envoy does not decode escaped slash sequences `%2F` and `%5C` in HTTP URL paths in versions 1.18.2 and before. A remote attacker may craft a path with escaped slashes, e.g. `/something%2F.…
- CVE-2021-29695MEDIUMCVSS 6.5EG 6.52021-05-25
IBM Host firmware for LC-class Systems could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request that would allow them to delete arbitrary files on the system. IBM X-Force I…
- CVE-2021-30048MEDIUMCVSS 5.3EG 5.32021-04-29
Directory Traversal in the fileDownload function in com/java2nb/common/controller/FileController.java in Novel-plus (小说精品屋-plus) 3.5.1 allows attackers to read arbitrary files via the filePath parameter.
- CVE-2021-3019HIGHCVSS 7.5EG 7.52021-01-05
ffay lanproxy 0.1 allows Directory Traversal to read /../conf/config.properties to obtain credentials for a connection to the intranet.
- CVE-2021-30483MEDIUMCVSS 5.3EG 5.32021-07-30
isomorphic-git before 1.8.2 allows Directory Traversal via a crafted repository.
- CVE-2021-30497HIGHCVSS 7.5EG 9.02022-04-06
Ivanti Avalanche (Premise) 6.3.2 allows remote unauthenticated users to read arbitrary files via Absolute Path Traversal. The imageFilePath parameter processed by the /AvalancheWeb/image endpoint is not verified to be within the scope of t…
- CVE-2021-30635MEDIUMCVSS 5.3EG 5.32021-04-27
Sonatype Nexus Repository Manager 3.x before 3.30.1 allows a remote attacker to get a list of files and directories that exist in a UI-related folder via directory traversal (no customer-specific data is exposed).
Map vulnerabilities like CWE-22 to your infrastructure
EchelonGraph correlates every CVE — across CWE-22 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →