CWE-23: Relative Path Traversal
231 active CVEs are classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE.
CVEs classified under CWE-23 (page 1 of 5)
- CVE-2017-0918 | HIGH | CVSS 8.8 | EG 8.8 | 2018-03-21
  GitLab Community Edition version 10.3 is vulnerable to a path traversal issue in the GitLab CI runner component, resulting in remote code execution.
- CVE-2017-9664 | CRITICAL | CVSS 9.8 | 2018-05-24
  In ABB SREA-01 revisions A, B, C: application versions up to 3.31.5, and SREA-50 revision A: application versions up to 3.32.8, an attacker may access internal files of ABB SREA-01 and SREA-50 legacy remote monitoring tools without any aut…
- CVE-2018-10615 | HIGH | CVSS 8.1 | 2018-06-04
  Directory traversal may lead to files being exfiltrated or deleted on the GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior host platform.
- CVE-2018-12473 | LOW | CVSS 3.1 | 2018-10-02
  A path traversal vulnerability in obs-service-tar_scm of Open Build Service allows remote attackers to access files not in the current build. On the server itself this is prevented by confining the worker via KVM. Affected …
- CVE-2018-12476 | MEDIUM | CVSS 4.3 | EG 4.3 | 2020-01-27
  Relative Path Traversal vulnerability in obs-service-tar_scm of SUSE Linux Enterprise Server 15; openSUSE Factory allows remote attackers with control over a repository to overwrite files on the machine of the local user if a malicious ser…
- CVE-2018-13299 | MEDIUM | CVSS 4.3 | EG 6.5 | 2019-04-01
  Relative path traversal vulnerability in Attachment Uploader in Synology Calendar before 2.2.2-0532 allows remote authenticated users to upload arbitrary files via the filename parameter.
- CVE-2018-14795 | HIGH | CVSS 8.8 | 2018-08-21
  DeltaV Versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, and R5 are vulnerable due to improper path validation, which may allow an attacker to replace executable files.
- CVE-2018-18990 | MEDIUM | CVSS 5.3 | 2019-02-05
  LCDS Laquis SCADA prior to version 4.1.0.4150 allows a user-supplied path in file operations prior to proper validation. An attacker can leverage this vulnerability to disclose sensitive information under the context of the web server proc…
- CVE-2018-5448 | MEDIUM | CVSS 4.8 | 2018-05-04
  Medtronic 2090 CareLink Programmer’s software deployment network contains a directory traversal vulnerability that could allow an attacker to read files on the system.
- CVE-2019-0074 | MEDIUM | CVSS 5.5 | EG 5.5 | 2019-10-09
  A path traversal vulnerability in NFX150 Series and QFX10K Series, EX9200 Series, MX Series and PTX Series devices with Next-Generation Routing Engine (NG-RE) allows a local authenticated user to read sensitive system files. This issue onl…
- CVE-2019-11822 | MEDIUM | CVSS 4.3 | EG 6.5 | 2019-06-30
  Relative path traversal vulnerability in SYNO.PhotoStation.File in Synology Photo Station before 6.8.11-3489 and before 6.3-2977 allows remote attackers to upload arbitrary files via the uploadphoto parameter.
- CVE-2019-11826 | HIGH | CVSS 8.0 | EG 8.8 | 2019-06-30
  Relative path traversal vulnerability in SYNO.PhotoTeam.Upload.Item in Synology Moments before 1.3.0-0691 allows remote authenticated users to upload arbitrary files via the name parameter.
- CVE-2019-13408 | HIGH | CVSS 7.5 | EG 7.5 | 2019-08-29
  A relative path traversal vulnerability was found in Advan VD-1 firmware versions up to 230. It allows attackers to download arbitrary files via the URL cgibin/ExportSettings.cgi?Download=filepath, without any authentication.
- CVE-2019-13944 | MEDIUM | CVSS 5.3 | EG 5.3 | 2019-12-12
  A vulnerability has been identified in EN100 Ethernet module DNP3 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions < V4.37), EN100 Ethernet module IEC104 variant (All versions), EN100 Ethernet module Modbus TCP…
- CVE-2019-17640 | CRITICAL | CVSS 9.8 | EG 9.8 | 2020-10-15
  In Eclipse Vert.x 3.4.x up to 3.9.4, 4.0.0.milestone1, 4.0.0.milestone2, 4.0.0.milestone3, 4.0.0.milestone4, 4.0.0.milestone5, 4.0.0.Beta1, 4.0.0.Beta2, and 4.0.0.Beta3, StaticHandler doesn't correctly process back slashes on Windows Ope…
- CVE-2019-18338 | HIGH | CVSS 7.7 | EG 7.7 | 2019-12-12
  A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The Control Center Server (CCS) contains a directory traversal vulnerability in its XML-based communication protocol as provided by default on port…
- CVE-2019-19287 | MEDIUM | CVSS 6.5 | EG 6.5 | 2020-12-14
  A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow attackers to traverse the file system of the server by sending specially crafted packets over the network without authentication.
- CVE-2019-3943 | HIGH | CVSS 8.1 | EG 8.1 | 2019-04-10
  MikroTik RouterOS versions Stable 6.43.12 and below, Long-term 6.42.12 and below, and Testing 6.44beta75 and below are vulnerable to an authenticated, remote directory traversal via the HTTP or Winbox interfaces. An authenticated, remote a…
- CVE-2019-3976 | HIGH | CVSS 8.8 | EG 8.8 | 2019-10-29
  RouterOS 6.45.6 Stable, RouterOS 6.44.5 Long-term, and below are vulnerable to an arbitrary directory creation vulnerability via the upgrade package's name field. If an authenticated user installs a malicious package then a directory could…
- CVE-2020-10619 | CRITICAL | CVSS 9.1 | EG 9.1 | 2020-04-09
  An attacker could use a specially crafted URL to delete files outside the WebAccess/NMS's (versions prior to 3.0.2) control.
- CVE-2020-10631 | CRITICAL | CVSS 9.8 | EG 9.8 | 2020-04-09
  An attacker could use a specially crafted URL to delete or read files outside the WebAccess/NMS's (versions prior to 3.0.2) control.
- CVE-2020-12006 | CRITICAL | CVSS 9.8 | EG 9.8 | 2020-05-08
  Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple relative path traversal vulnerabilities exist that may allow a low privilege user to overwrite files outside the application’s control.
- CVE-2020-12010 | HIGH | CVSS 7.1 | EG 7.1 | 2020-05-08
  Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple relative path traversal vulnerabilities exist that may allow an authenticated user to use a specially crafted file to delete files outside the application’s contr…
- CVE-2020-12026 | HIGH | CVSS 8.8 | EG 8.8 | 2020-05-08
  Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple relative path traversal vulnerabilities exist that may allow a low privilege user to overwrite files outside the application’s control.
- CVE-2020-17518 | HIGH | CVSS 7.5 | EG 7.5 | 2021-01-05
  Apache Flink 1.5.1 introduced a REST handler that allows you to write an uploaded file to an arbitrary location on the local file system, through a maliciously modified HTTP header. The files can be written to any location accessible by Fl…
- CVE-2020-1904 | MEDIUM | CVSS 5.5 | EG 5.5 | 2020-10-06
  A path validation issue in WhatsApp for iOS prior to v2.20.61 and WhatsApp Business for iOS prior to v2.20.61 could have allowed for directory traversal overwriting files when sending specially crafted docx, xlsx, and pptx files as attachm…
- CVE-2020-25150 | HIGH | CVSS 7.6 | EG 8.8 | 2022-04-14
  A relative path traversal attack in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows attackers with service user privileges to upload arbitrary files. By uploading …
- CVE-2020-25172 | CRITICAL | CVSS 9.8 | EG 9.8 | 2020-11-06
  A relative path traversal attack in the B. Braun OnlineSuite Version AP 3.0 and earlier allows unauthenticated attackers to upload or download arbitrary files.
- CVE-2020-25176 | CRITICAL | CVSS 9.1 | EG 9.8 | 2022-03-18
  Some commands used by the Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x eXchange Layer (IXL) protocol perform various file operations in the file system. Since the parameter pointing to the file name is not checked for reserved …
- CVE-2020-27304 | CRITICAL | CVSS 9.8 | EG 9.8 | 2021-10-21
  The CivetWeb web library does not validate uploaded filepaths when running on an OS other than Windows, when using the built-in HTTP form-based file upload mechanism, via the mg_handle_form_request API. Web applications that use the file u…
- CVE-2020-3597 | MEDIUM | CVSS 5.4 | EG 5.4 | 2020-10-08
  A vulnerability in the configuration restore feature of Cisco Nexus Data Broker software could allow an unauthenticated, remote attacker to perform a directory traversal attack on an affected device. The vulnerability is due to insufficien…
- CVE-2020-4039 | HIGH | CVSS 8.6 | EG 8.6 | 2021-04-30
  SUSI.AI is an intelligent Open Source personal assistant. SUSI.AI Server before version d27ed0f has a directory traversal vulnerability due to insufficient input validation. Any admin config and file readable by the app can be retrieved by…
- CVE-2020-5237 | HIGH | CVSS 8.8 | EG 8.8 | 2020-02-05
  Multiple relative path traversal vulnerabilities in the oneup/uploader-bundle before 1.9.3 and 2.1.5 allow remote attackers to upload, copy, and modify files on the filesystem (potentially leading to arbitrary code execution) via the (1) f…
- CVE-2020-5280 | HIGH | CVSS 7.6 | EG 7.6 | 2020-03-25
  http4s before versions 0.18.26, 0.20.20, and 0.21.2 has a local file inclusion vulnerability. This vulnerability applies to all users of org.http4s.server.staticcontent.FileService, org.http4s.server.staticcontent.ResourceService and org.h…
- CVE-2020-5284 | MEDIUM | CVSS 4.4 | EG 4.4 | 2020-03-30
  Next.js versions before 9.3.2 have a directory traversal vulnerability. Attackers could craft special requests to access files in the dist directory (.next). This does not affect files outside of the dist directory (.next). In general, the…
- CVE-2020-5405 | MEDIUM | CVSS 6.5 | EG 9.0 | 2020-03-05
  Spring Cloud Config, versions 2.2.x prior to 2.2.2, versions 2.1.x prior to 2.1.7, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or…
- CVE-2020-5410 | HIGH | CVSS 7.5 | EG 9.0 | KEV | 2020-06-02
  Spring Cloud Config, versions 2.2.x prior to 2.2.3, versions 2.1.x prior to 2.1.9, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or…
- CVE-2020-7008 | HIGH | CVSS 7.5 | EG 7.5 | 2020-04-03
  VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow input passed in the URL that is not properly verified before use, which may allow an attacker to read arbitrary files from local resources.
- CVE-2020-7376 | HIGH | CVSS 7.1 | EG 9.8 | 2020-08-24
  The Metasploit Framework module "post/osx/gather/enum_osx module" is affected by a relative path traversal vulnerability in the get_keychains method which can be exploited to write arbitrary files to arbitrary locations on the host filesys…
- CVE-2020-7377 | HIGH | CVSS 8.1 | EG 7.5 | 2020-08-24
  The Metasploit Framework module "auxiliary/admin/http/telpho10_credential_dump" module is affected by a relative path traversal vulnerability in the untar method which can be exploited to write arbitrary files to arbitrary locations on the…
- CVE-2020-7861 | HIGH | CVSS 8.4 | EG 8.4 | 2021-04-22
  AnySupport (Remote support solution) before 2019.3.21.0 allows directory traversal because of the swprintf function used to copy a file from a management PC to a client PC. This can lead to arbitrary file execution.
- CVE-2020-8254 | HIGH | CVSS 8.8 | EG 8.8 | 2020-10-28
  A vulnerability in the Pulse Secure Desktop Client < 9.1R9 allows Remote Code Execution (RCE) if users can be convinced to connect to a malicious server. This vulnerability only affects Windows PDC. To improve the security of connections betwe…
- CVE-2020-8271 | CRITICAL | CVSS 9.8 | EG 9.8 | 2020-11-16
  Unauthenticated remote code execution with root privileges in Citrix SD-WAN Center versions before 11.2.2, 11.1.2b and 10.2.8.
- CVE-2020-8570 | CRITICAL | CVSS 9.1 | EG 9.1 | 2021-01-21
  Kubernetes Java client libraries in version 10.0.0 and versions prior to 9.0.1 allow writes to paths outside of the current directory when copying multiple files from a remote pod which sends a maliciously crafted archive. This can potenti…
- CVE-2020-8865 | MEDIUM | CVSS 6.3 | EG 6.3 | 2020-03-23
  This vulnerability allows remote attackers to execute local PHP files on affected installations of Horde Groupware Webmail Edition 5.2.22. Authentication is required to exploit this vulnerability. The specific flaw exists within edit.php. …
- CVE-2021-20040 | HIGH | CVSS 7.5 | EG 7.5 | 2021-12-08
  A relative path traversal vulnerability in the SMA100 upload function allows a remote unauthenticated attacker to upload crafted web pages or files as a 'nobody' user. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances.
- CVE-2021-22281 | MEDIUM | CVSS 6.3 | EG 6.3 | 2024-02-02
  Relative Path Traversal vulnerability in B&R Industrial Automation Automation Studio allows Relative Path Traversal. This issue affects Automation Studio: from 4.0 through 4.12.
- CVE-2021-22650 | HIGH | CVSS 7.5 | EG 9.8 | 2022-07-28
  An attacker may use TWinSoft and a malicious source project file (TPG) to extract files on a machine executing Ovarro TWinSoft, which could lead to code execution.
- CVE-2021-22674 | MEDIUM | CVSS 6.5 | EG 6.5 | 2021-08-10
  The affected product is vulnerable to a relative path traversal condition, which may allow an attacker access to unauthorized files and directories on the WebAccess/SCADA (WebAccess/SCADA versions prior to 8.4.5, WebAccess/SCADA versions p…
- CVE-2021-22870 | MEDIUM | CVSS 6.5 | EG 6.5 | 2021-11-10
  A path traversal vulnerability was identified in GitHub Pages builds on GitHub Enterprise Server that could allow an attacker to read system files. To exploit this vulnerability, an attacker would need permission to create and build a GitH…