CWE-59— Improper Link Resolution Before File Access (Link Following)
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.— MITRE CWE catalog
1,471 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-59page 15 of 30
- CVE-2020-9452HIGHCVSS 7.8EG 7.82021-05-25
An issue was discovered in Acronis True Image 2020 24.5.22510. anti_ransomware_service.exe includes functionality to quarantine files by copying a suspected ransomware file from one directory to another using SYSTEM privileges. Because unp…
- CVE-2020-9670CRITICALCVSS 9.8EG 9.82020-07-17
Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability vulnerability. Successful exploitation could lead to privilege escalation.
- CVE-2020-9682CRITICALCVSS 9.8EG 9.82020-07-17
Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability vulnerability. Successful exploitation could lead to arbitrary file system write.
- CVE-2020-9900HIGHCVSS 7.8EG 7.82020-10-22
An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. A local attacker…
- CVE-2020-9901HIGHCVSS 7.8EG 7.82020-10-22
An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8. A local attacker may be able to…
- CVE-2021-0094HIGHCVSS 7.8EG 7.82021-06-09
Improper link resolution before file access in Intel(R) DSA before version 20.11.50.9 may allow an authenticated user to potentially enable an escalation of privilege via local access.
- CVE-2021-1091HIGHCVSS 7.1EG 7.12021-07-22
NVIDIA GPU Display driver for Windows contains a vulnerability where an unprivileged user can create a file hard link that causes the driver to overwrite a file that requires elevated privilege to modify, which could lead to data loss or d…
- CVE-2021-1092HIGHCVSS 7.1EG 7.12021-07-22
NVIDIA GPU Display Driver for Windows contains a vulnerability in the NVIDIA Control Panel application where it is susceptible to a Windows file system symbolic link attack where an unprivileged attacker can cause the applications to overw…
- CVE-2021-1145MEDIUMCVSS 6.5EG 6.52021-01-13
A vulnerability in the Secure FTP (SFTP) of Cisco StarOS for Cisco ASR 5000 Series Routers could allow an authenticated, remote attacker to read arbitrary files on an affected device. To exploit this vulnerability, the attacker would need …
- CVE-2021-1278HIGHCVSS 8.6EG 7.52021-01-20
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details sect…
- CVE-2021-1491MEDIUMCVSS 6.5EG 6.52024-11-15
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to read arbitrary files on the underlying file system of the device. This vulnerability is due to in…
- CVE-2021-1612MEDIUMCVSS 5.5EG 5.52021-09-23
A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local attacker to overwrite arbitrary files on the local system. This vulnerability is due to improper access controls on files within the local file sys…
- CVE-2021-20153MEDIUMCVSS 6.8EG 6.82021-12-30
Trendnet AC2600 TEW-827DRU version 2.08B01 contains a symlink vulnerability in the bittorrent functionality. If enabled, the bittorrent functionality is vulnerable to a symlink attack that could lead to remote code execution on the device.…
- CVE-2021-20197MEDIUMCVSS 6.3EG 6.32021-03-26
There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib. When these utilities are run as a privileged user (presumably as part of a script updating bin…
- CVE-2021-21117HIGHCVSS 7.8EG 7.82021-02-09
Insufficient policy enforcement in Cryptohome in Google Chrome prior to 88.0.4324.96 allowed a local attacker to perform OS-level privilege escalation via a crafted file.
- CVE-2021-21125HIGHCVSS 8.1EG 8.12021-02-09
Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.
- CVE-2021-21131MEDIUMCVSS 6.5EG 6.52021-02-09
Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.
- CVE-2021-21272HIGHCVSS 7.7EG 7.72021-01-25
ORAS is open source software which enables a way to push OCI Artifacts to OCI Conformant registries. ORAS is both a CLI for initial testing and a Go Module. In ORAS from version 0.4.0 and before version 0.9.0, there is a "zip-slip" vulnera…
- CVE-2021-21300HIGHCVSS 8.0EG 8.02021-03-09
Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains symbolic links as well as files using a clean/smudge filter such as Git LFS, may cause just-checked out scr…
- CVE-2021-21602MEDIUMCVSS 6.5EG 6.52021-01-13
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier allows reading arbitrary files using the file browser for workspaces and archived artifacts by following symlinks.
- CVE-2021-21686HIGHCVSS 8.1EG 8.12021-11-04
File path filters in the agent-to-controller security subsystem of Jenkins 2.318 and earlier, LTS 2.303.2 and earlier do not canonicalize paths, allowing operations to follow symbolic links to outside allowed directories.
- CVE-2021-21691CRITICALCVSS 9.8EG 9.82021-11-04
Creating symbolic links is possible without the 'symlink' agent-to-controller access control permission in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier.
- CVE-2021-21695HIGHCVSS 8.8EG 8.82021-11-04
FilePath#listFiles lists files outside directories that agents are allowed to access when following symbolic links in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier.
- CVE-2021-21740LOWCVSS 2.4EG 2.42021-08-09
There is an information leak vulnerability in the digital media player (DMS) of ZTE's residential gateway product. The attacker could insert the USB disk with the symbolic link into the residential gateway, and access unauthorized director…
- CVE-2021-22488HIGHCVSS 7.5EG 7.52021-10-28
There is an Unauthorized file access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability by modifying soft links may tamper with the files restored from backups.
- CVE-2021-23177HIGHCVSS 7.8EG 7.82022-08-23
An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target of the link. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when tryin…
- CVE-2021-23239LOWCVSS 2.5EG 2.52021-01-12
The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests by winning a sudo_edit.c race condition in replacing a user-controlled directory by a symlink to an arbitrary …
- CVE-2021-23240HIGHCVSS 7.8EG 7.82021-01-12
selinux_edit_copy_tfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user to gain file ownership and escalate privileges by replacing a temporary file with a symlink to an arbitrary file target. This affects SELinux RBAC s…
- CVE-2021-23521MEDIUMCVSS 5.5EG 5.52022-01-31
This affects the package juce-framework/JUCE before 6.1.5. This vulnerability is triggered when a malicious archive is crafted with an entry containing a symbolic link. When extracted, the symbolic link is followed outside of the target di…
- CVE-2021-23772HIGHCVSS 7.5EG 7.52021-12-24
This affects all versions of package github.com/kataras/iris; all versions of package github.com/kataras/iris/v12. The unsafe handling of file names during upload using UploadFormFiles method may enable attackers to write to arbitrary loca…
- CVE-2021-23872HIGHCVSS 7.8EG 7.82021-05-12
Privilege Escalation vulnerability in the File Lock component of McAfee Total Protection (MTP) prior to 16.0.32 allows a local user to gain elevated privileges by manipulating a symbolic link in the IOCTL interface.
- CVE-2021-23873HIGHCVSS 7.8EG 6.12021-02-10
Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.30 allows a local user to gain elevated privileges and perform arbitrary file deletion as the SYSTEM user potentially causing Denial of Service via manipulat…
- CVE-2021-23892HIGHCVSS 8.2EG 7.02021-05-12
By exploiting a time of check to time of use (TOCTOU) race condition during the Endpoint Security for Linux Threat Prevention and Firewall (ENSL TP/FW) installation process, a local user can perform a privilege escalation attack to obtain …
- CVE-2021-24084MEDIUMCVSS 5.5EG 5.52021-02-25
Windows Mobile Device Management Information Disclosure Vulnerability
- CVE-2021-25261HIGHCVSS 7.8EG 7.82022-06-15
Local privilege vulnerability in Yandex Browser for Windows prior to 22.5.0.862 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating symlinks to installation file during Yandex B…
- CVE-2021-25321HIGHCVSS 7.8EG 7.82021-06-30
A UNIX Symbolic Link (Symlink) Following vulnerability in arpwatch of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 4.0, SUSE OpenStack Cloud Crowbar 9; openSUSE Factory, Leap 15.2 allows local attackers with control of the…
- CVE-2021-25322MEDIUMCVSS 6.8EG 7.82021-06-10
A UNIX Symbolic Link (Symlink) Following vulnerability in python-HyperKitty of openSUSE Leap 15.2, Factory allows local attackers to escalate privileges from the user hyperkitty or hyperkitty-admin to root. This issue affects: openSUSE Lea…
- CVE-2021-26089MEDIUMCVSS 6.7EG 7.82021-07-12
An improper symlink following in FortiClient for Mac 6.4.3 and below may allow an non-privileged user to execute arbitrary privileged shell commands during installation phase.
- CVE-2021-26425HIGHCVSS 7.8EG 7.82021-08-12
Windows Event Tracing Elevation of Privilege Vulnerability
- CVE-2021-26426HIGHCVSS 7.0EG 7.82021-08-12
Windows User Account Profile Picture Elevation of Privilege Vulnerability
- CVE-2021-26720HIGHCVSS 7.8EG 7.82021-02-17
avahi-daemon-check-dns.sh in the Debian avahi package through 0.8-4 is executed as root via /etc/network/if-up.d/avahi-daemon, and allows a local attacker to cause a denial of service or create arbitrary empty files via a symlink attack on…
- CVE-2021-26862HIGHCVSS 7.0EG 7.82021-03-11
Windows Installer Elevation of Privilege Vulnerability
- CVE-2021-26866HIGHCVSS 7.1EG 6.12021-03-11
Windows Update Service Elevation of Privilege Vulnerability
- CVE-2021-26873HIGHCVSS 7.0EG 7.82021-03-11
Windows User Profile Service Elevation of Privilege Vulnerability
- CVE-2021-26887HIGHCVSS 7.8EG 7.82021-03-11
<p>An elevation of privilege vulnerability exists in Microsoft Windows when Folder redirection has been enabled via Group Policy. When folder redirection file server is co-located with Terminal server, an attacker who successfully exploite…
- CVE-2021-26889HIGHCVSS 7.8EG 7.82021-03-11
Windows Update Stack Elevation of Privilege Vulnerability
- CVE-2021-27116HIGHCVSS 7.8EG 7.82022-04-05
An issue was discovered in file profile.go in function MemProf in beego through 2.0.2, allows attackers to launch symlink attacks locally.
- CVE-2021-27117HIGHCVSS 7.8EG 7.82022-04-05
An issue was discovered in file profile.go in function GetCPUProfile in beego through 2.0.2, allows attackers to launch symlink attacks locally.
- CVE-2021-27229HIGHCVSS 8.8EG 8.82021-02-16
Mumble before 1.3.4 allows remote code execution if a victim navigates to a crafted URL on a server list and clicks on the Open Webpage text.
- CVE-2021-27241MEDIUMCVSS 6.1EG 6.12021-03-29
This vulnerability allows local attackers to delete arbitrary directories on affected installations of Avast Premium Security 20.8.2429 (Build 20.8.5653.561). An attacker must first obtain the ability to execute low-privileged code on the …
Map vulnerabilities like CWE-59 to your infrastructure
EchelonGraph correlates every CVE — across CWE-59 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →