CWE-59— Improper Link Resolution Before File Access (Link Following)
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.— MITRE CWE catalog
1,471 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-59page 14 of 30
- CVE-2020-27172CRITICALCVSS 9.8EG 9.82020-12-28
An issue was discovered in G-Data before 25.5.9.25 using Symbolic links, it is possible to abuse the infected-file restore mechanism to achieve arbitrary write that leads to elevation of privileges.
- CVE-2020-27643MEDIUMCVSS 6.5EG 6.52020-12-29
The %PROGRAMDATA%\1E\Client directory in 1E Client 5.0.0.745 and 4.1.0.267 allows remote authenticated users and local users to create and modify files in protected directories (where they would not normally have access to create or modify…
- CVE-2020-27697HIGHCVSS 7.8EG 7.82020-11-18
Trend Micro Security 2020 (Consumer) contains a vulnerability in the installer package that could be exploited by placing a malicious DLL in a non-protected location with high privileges (symlink attack) which can lead to obtaining adminis…
- CVE-2020-27833HIGHCVSS 7.1EG 7.12021-05-14
A Zip Slip vulnerability was found in the oc binary in openshift-clients where an arbitrary file write is achieved by using a specially crafted raw container image (.tar file) which contains symbolic links. The vulnerability is limited to …
- CVE-2020-28007HIGHCVSS 7.8EG 7.82021-05-06
Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. Because Exim operates as root in the log directory (owned by a non-root user), a symlink or hard link attack allows overwriting critical root-owned files anywhere on the fi…
- CVE-2020-28407HIGHCVSS 7.1EG 7.12023-11-03
In swtpm before 0.4.2 and 0.5.x before 0.5.1, a local attacker may be able to overwrite arbitrary files via a symlink attack against a temporary file such as TMP2-00.permall.
- CVE-2020-28641HIGHCVSS 7.1EG 7.12020-12-22
In Malwarebytes Free 4.1.0.56, a symbolic link may be used delete an arbitrary file on the system by exploiting the local quarantine system.
- CVE-2020-28935MEDIUMCVSS 5.5EG 5.52020-12-07
NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that would allow for a local symlink attack. When writing the PID file, Unbound and NSD create the…
- CVE-2020-29529HIGHCVSS 7.5EG 7.52020-12-03
HashiCorp go-slug up to 0.4.3 did not fully protect against directory traversal while unpacking tar archives, and protections could be bypassed with specific constructions of multiple symlinks. Fixed in 0.5.0.
- CVE-2020-3223MEDIUMCVSS 4.9EG 4.92020-06-03
A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker with administrative privileges to read arbitrary files on the underlying filesystem of the device. The vulnerab…
- CVE-2020-3237MEDIUMCVSS 6.3EG 6.32020-06-03
A vulnerability in the Cisco Application Framework component of the Cisco IOx application environment could allow an authenticated, local attacker to overwrite arbitrary files in the virtual instance that is running on the affected device.…
- CVE-2020-3432MEDIUMCVSS 5.6EG 5.62025-02-12
A vulnerability in the uninstaller component of Cisco AnyConnect Secure Mobility Client for Mac OS could allow an authenticated, local attacker to corrupt the content of any file in the filesystem. The vulnerability is due to the incorrec…
- CVE-2020-3437MEDIUMCVSS 6.5EG 6.52020-07-16
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to read arbitrary files on the underlying filesystem of the device. The vulnerability is due to insufficie…
- CVE-2020-35766HIGHCVSS 7.8EG 7.82020-12-28
The test suite in libopendkim in OpenDKIM through 2.10.3 allows local users to gain privileges via a symlink attack against the /tmp/testkeys file (related to t-testdata.h, t-setup.c, and t-cleanup.c). NOTE: this is applicable to persons w…
- CVE-2020-36193HIGHCVSS 7.5EG 9.0⚠ KEV2021-01-18
Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to CVE-2020-28948.
- CVE-2020-36241MEDIUMCVSS 5.5EG 5.52021-02-05
autoar-extractor.c in GNOME gnome-autoar through 0.2.4, as used by GNOME Shell, Nautilus, and other software, allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink to a directory outs…
- CVE-2020-36314LOWCVSS 3.9EG 3.92021-04-07
fr-archive-libarchive.c in GNOME file-roller through 3.38.0, as used by GNOME Shell and other software, allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink in certain complex situat…
- CVE-2020-36657HIGHCVSS 7.8EG 7.82023-01-26
uptimed before 0.4.6-r1 on Gentoo allows local users (with access to the uptimed user account) to gain root privileges by creating a hard link within the /var/spool/uptimed directory, because there is an unsafe chown -R call.
- CVE-2020-3830LOWCVSS 3.3EG 3.32020-02-27
A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Catalina 10.15.3. A malicious application may be able to overwrite arbitrary files.
- CVE-2020-3835MEDIUMCVSS 4.4EG 4.42020-02-27
A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Catalina 10.15.3. A malicious application may be able to access restricted files.
- CVE-2020-3950HIGHCVSS 7.8EG 9.0⚠ KEV2020-03-17
VMware Fusion (11.x before 11.5.2), VMware Remote Console for Mac (11.x and prior before 11.0.1) and Horizon Client for Mac (5.x and prior before 5.4.0) contain a privilege escalation vulnerability due to improper use of setuid binaries. S…
- CVE-2020-4717MEDIUMCVSS 5.5EG 5.52021-03-10
A vulnerability exists in IBM SPSS Modeler Subscription Installer that allows a user with create symbolic link permission to write arbitrary file in another protected path during product installation. IBM X-Force ID: 187727.
- CVE-2020-4885MEDIUMCVSS 4.7EG 4.72021-06-24
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow a local user to access and change the configuration of Db2 due to a race condition of a symbolic link,. IBM X-Force ID: 190909.
- CVE-2020-4966MEDIUMCVSS 4.3EG 4.32021-01-21
IBM Security Identity Governance and Intelligence 5.2.6 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this li…
- CVE-2020-5324HIGHCVSS 7.1EG 7.12020-02-21
Dell Client Consumer and Commercial Platforms contain an Arbitrary File Overwrite Vulnerability. The vulnerability is limited to the Dell Firmware Update Utility during the time window while being executed by an administrator. During this …
- CVE-2020-5738HIGHCVSS 8.8EG 8.82020-04-14
Grandstream GXP1600 series firmware 1.0.4.152 and below is vulnerable to authenticated remote command execution when an attacker uploads a specially crafted tar file to the HTTP /cgi-bin/upload_vpntar interface.
- CVE-2020-5795MEDIUMCVSS 6.2EG 6.22020-11-06
UNIX Symbolic Link (Symlink) Following in TP-Link Archer A7(US)_V5_200721 allows an authenticated admin user, with physical access and network access, to execute arbitrary code after plugging a crafted USB drive into the router.
- CVE-2020-5797MEDIUMCVSS 6.1EG 6.12020-11-21
UNIX Symbolic Link (Symlink) Following in TP-Link Archer C9(US)_V1_180125 firmware allows an unauthenticated actor, with physical access and network access, to read sensitive files and write to a limited set of files after plugging a craft…
- CVE-2020-5837HIGHCVSS 7.8EG 7.82020-05-11
Symantec Endpoint Protection, prior to 14.3, may not respect file permissions when writing to log files that are replaced by symbolic links, which can lead to a potential elevation of privilege.
- CVE-2020-6012HIGHCVSS 7.4EG 7.42020-08-04
ZoneAlarm Anti-Ransomware before version 1.0.713 copies files for the report from a directory with low privileges. A sophisticated timed attacker can replace those files with malicious or linked content, such as exploiting CVE-2020-0896 on…
- CVE-2020-6015MEDIUMCVSS 5.5EG 5.52020-11-05
Check Point Endpoint Security for Windows before E84.10 can reach denial of service during clean install of the client which will prevent the storage of service log files in non-standard locations.
- CVE-2020-6477HIGHCVSS 7.8EG 7.82020-05-21
Inappropriate implementation in installer in Google Chrome on OS X prior to 83.0.4103.61 allowed a local attacker to perform privilege escalation via a crafted file.
- CVE-2020-6546HIGHCVSS 7.8EG 7.82020-09-21
Inappropriate implementation in installer in Google Chrome prior to 84.0.4147.125 allowed a local attacker to potentially elevate privilege via a crafted filesystem.
- CVE-2020-7040HIGHCVSS 8.1EG 8.12020-01-21
storeBackup.pl in storeBackup through 3.5 relies on the /tmp/storeBackup.lock pathname, which allows symlink attacks that possibly lead to privilege escalation. (Local users can also create a plain file named /tmp/storeBackup.lock to block…
- CVE-2020-7221HIGHCVSS 7.8EG 7.82020-02-04
mysql_install_db in MariaDB 10.4.7 through 10.4.11 allows privilege escalation from the mysql user account to root because chown and chmod are performed unsafely, as demonstrated by a symlink attack on a chmod 04755 of auth_pam_tool_dir/au…
- CVE-2020-7250HIGHCVSS 8.2EG 8.22020-04-15
Symbolic link manipulation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows authenticated local user to potentially gain an escalation of privileges by pointing the link to files which…
- CVE-2020-7282HIGHCVSS 7.5EG 6.32020-07-03
Privilege Escalation vulnerability in McAfee Total Protection (MTP) before 16.0.R26 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an uni…
- CVE-2020-7319HIGHCVSS 8.8EG 8.82020-09-09
Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows local users to access files which the user otherwise would not have access to via manipulating symbolic links …
- CVE-2020-7325MEDIUMCVSS 5.5EG 5.52020-09-09
Privilege Escalation vulnerability in McAfee MVISION Endpoint prior to 20.9 Update allows local users to access files which the user otherwise would not have access to via manipulating symbolic links to redirect McAfee file operations to a…
- CVE-2020-7346HIGHCVSS 7.8EG 7.82021-03-23
Privilege Escalation vulnerability in McAfee Data Loss Prevention (DLP) for Windows prior to 11.6.100 allows a local, low privileged, attacker through the use of junctions to cause the product to load DLLs of the attacker's choosing. This …
- CVE-2020-7653MEDIUMCVSS 6.5EG 6.52020-05-29
All versions of snyk-broker before 4.80.0 are vulnerable to Arbitrary File Read. It allows arbitrary file reads for users with access to Snyk's internal network by creating symlinks to match whitelisted paths.
- CVE-2020-8013LOWCVSS 2.2EG 2.52020-03-02
A UNIX Symbolic Link (Symlink) Following vulnerability in chkstat of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15, SUSE Linux Enterprise Server 11 set permissions intended for specific binaries on other binaries because…
- CVE-2020-8015HIGHCVSS 8.4EG 8.42020-04-02
A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of exim in openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: openSUSE Factory exim versions prior to 4.93.0.4-3.1.
- CVE-2020-8095MEDIUMCVSS 4.9EG 5.52020-01-30
A vulnerability in the improper handling of junctions before deletion in Bitdefender Total Security 2020 can allow an attacker to to trigger a denial of service on the affected device.
- CVE-2020-8099HIGHCVSS 7.1EG 7.12020-04-21
A vulnerability in the improper handling of junctions in Bitdefender Antivirus Free can allow an unprivileged user to substitute a quarantined file, and restore it to a privileged location. This issue affects: Bitdefender Antivirus Free ve…
- CVE-2020-8103HIGHCVSS 7.2EG 7.22020-06-05
A vulnerability in the improper handling of symbolic links in Bitdefender Antivirus Free can allow an unprivileged user to substitute a quarantined file, and restore it to a privileged location. This issue affects Bitdefender Antivirus Fre…
- CVE-2020-8585MEDIUMCVSS 5.5EG 5.52021-01-28
OnCommand Unified Manager Core Package versions prior to 5.2.5 may disclose sensitive account information to unauthorized users via the use of PuTTY Link (plink).
- CVE-2020-8831MEDIUMCVSS 6.5EG 5.52020-04-22
Apport creates a world writable lock file with root ownership in the world writable /var/lock/apport directory. If the apport/ directory does not exist (this is not uncommon as /var/lock is a tmpfs), it will create the directory, otherwise…
- CVE-2020-8948HIGHCVSS 7.8EG 7.82020-04-15
The Sierra Wireless Windows Mobile Broadband Driver Packages (MBDP) before build 5043 allows an unprivileged user to overwrite arbitrary files in arbitrary folders using hard links. An unprivileged user could leverage this vulnerability to…
- CVE-2020-8950HIGHCVSS 7.8EG 7.82020-02-12
The AUEPLauncher service in Radeon AMD User Experience Program Launcher through 1.0.0.1 on Windows allows elevation of privilege by placing a crafted file in %PROGRAMDATA%\AMD\PPC\upload and then creating a symbolic link in %PROGRAMDATA%\A…
Map vulnerabilities like CWE-59 to your infrastructure
EchelonGraph correlates every CVE — across CWE-59 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →