CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2021(Directory Traversal)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2021-43778 22 Dir. Trav. 2021-11-24 2021-11-24
0.0
None ??? ??? ??? ??? ??? ???
Barcode is a GLPI plugin for printing barcodes and QR codes. GLPI instances version 2.x prior to version 2.6.1 with the barcode plugin installed are vulnerable to a path traversal vulnerability. This issue was patched in version 2.6.1. As a workaround, delete the `front/send.php` file.
2 CVE-2021-43775 22 Dir. Trav. 2021-11-23 2021-11-26
0.0
None ??? ??? ??? ??? ??? ???
Aim is an open-source, self-hosted machine learning experiment tracking tool. Versions of Aim prior to 3.1.0 are vulnerable to a path traversal attack. By manipulating variables that reference files with “dot-dot-slash (../)� sequences and its variations or by using absolute file paths, it may be possible to access arbitrary files and directories stored on file system including application source code or configuration and critical system files. The vulnerability issue is resolved in Aim v3.1.0.
3 CVE-2021-43496 22 Dir. Trav. 2021-11-12 2021-11-16
5.0
None Remote Low Not required Partial None None
Clustering master branch as of commit 53e663e259bcfc8cdecb56c0bb255bd70bfcaa70 is affected by a directory traversal vulnerability. This attack can cause the disclosure of critical secrets stored anywhere on the system and can significantly aid in getting remote code access.
4 CVE-2021-43495 22 Dir. Trav. 2021-11-15 2021-11-18
5.0
None Remote Low Not required Partial None None
AlquistManager branch as of commit 280d99f43b11378212652e75f6f3159cde9c1d36 is affected by a directory traversal vulnerability in alquist/IO/input.py. This attack can cause the disclosure of critical secrets stored anywhere on the system and can significantly aid in getting remote code access.
5 CVE-2021-43494 22 Dir. Trav. 2021-11-12 2021-11-16
5.0
None Remote Low Not required Partial None None
OpenCV-REST-API master branch as of commit 69be158c05d4dd5a4aff38fdc680a162dd6b9e49 is affected by a directory traversal vulnerability. This attack can cause the disclosure of critical secrets stored anywhere on the system and can significantly aid in getting remote code access.
6 CVE-2021-43493 22 Exec Code Dir. Trav. 2021-11-12 2021-11-16
5.0
None Remote Low Not required Partial None None
ServerManagement master branch as of commit 49491cc6f94980e6be7791d17be947c27071eb56 is affected by a directory traversal vulnerability. This vulnerability can be used to extract credentials which can in turn be used to execute code.
7 CVE-2021-43492 22 Dir. Trav. 2021-11-12 2021-11-16
5.0
None Remote Low Not required Partial None None
AlquistManager branch as of commit 280d99f43b11378212652e75f6f3159cde9c1d36 is affected by a directory traversal vulnerability. This attack can cause the disclosure of critical secrets stored anywhere on the system andcan significantly aid in getting remote code access.
8 CVE-2021-43264 22 Dir. Trav. Bypass 2021-11-02 2021-11-09
2.1
None Local Low Not required Partial None None
In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, adjusting the path component for the page help file allows attackers to bypass the intended access control for HTML files via directory traversal. It replaces the - character with the / character.
9 CVE-2021-42771 22 Exec Code Dir. Trav. 2021-10-20 2021-10-26
7.2
None Local Low Not required Complete Complete Complete
Babel.Locale in Babel before 2.9.1 allows attackers to load arbitrary locale .dat files (containing serialized Python objects) via directory traversal, leading to code execution.
10 CVE-2021-42727 22 Exec Code Dir. Trav. 2021-11-22 2021-11-24
6.8
None Remote Medium Not required Partial Partial Partial
Acrobat RoboHelp Server versions 2020.0.1 (and earlier) are affected by a Path traversal vulnerability. The authenticated attacker can upload arbitrary files outside of the intended directory to cause remote code execution with privileges of user running Tomcat. Exploitation of this issue requires user interaction in that a victim must navigate to a planted file on the server.
11 CVE-2021-42556 22 Dir. Trav. 2021-10-22 2021-10-28
4.3
None Remote Medium Not required None Partial None
Rasa X before 0.42.4 allows Directory Traversal during archive extraction. In the functionality that allows a user to load a trained model archive, an attacker has arbitrary write capability within specific directories via a crafted archive file.
12 CVE-2021-42542 22 Dir. Trav. 2021-10-22 2021-10-27
6.5
None Remote Low ??? Partial Partial Partial
The affected product is vulnerable to directory traversal due to mishandling of provided backup folder structure.
13 CVE-2021-42261 22 Dir. Trav. 2021-10-19 2021-10-25
5.0
None Remote Low Not required Partial None None
Revisor Video Management System (VMS) before 2.0.0 has a directory traversal vulnerability. Successful exploitation could allow an attacker to traverse the file system to access files or directories that are outside of restricted directory on the remote server. This could lead to the disclosure of sensitive data on the vulnerable server.
14 CVE-2021-42021 26 Dir. Trav. 2021-11-09 2021-11-15
5.0
None Remote Low Not required Partial None None
A vulnerability has been identified in Siveillance Video DLNA Server (2019 R1), Siveillance Video DLNA Server (2019 R2), Siveillance Video DLNA Server (2019 R3), Siveillance Video DLNA Server (2020 R1), Siveillance Video DLNA Server (2020 R2), Siveillance Video DLNA Server (2020 R3), Siveillance Video DLNA Server (2021 R1). The affected application contains a path traversal vulnerability that could allow to read arbitrary files on the server that are outside the application’s web document directory. An unauthenticated remote attacker could exploit this issue to access sensitive information for subsequent attacks.
15 CVE-2021-42013 22 Exec Code Dir. Trav. 2021-10-07 2021-11-11
7.5
None Remote Low Not required Partial Partial Partial
It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution. This issue only affects Apache 2.4.49 and Apache 2.4.50 and not earlier versions.
16 CVE-2021-41950 22 Dir. Trav. 2021-11-15 2021-11-17
6.4
None Remote Low Not required None Partial Partial
A directory traversal issue in ResourceSpace 9.6 before 9.6 rev 18277 allows remote unauthenticated attackers to delete arbitrary files on the ResourceSpace server via the provider and variant parameters in pages/ajax/tiles.php. Attackers can delete configuration or source code files, causing the application to become unavailable to all users.
17 CVE-2021-41773 22 Exec Code Dir. Trav. 2021-10-05 2021-11-11
4.3
None Remote Medium Not required Partial None None
A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution. This issue is known to be exploited in the wild. This issue only affects Apache 2.4.49 and not earlier versions. The fix in Apache HTTP Server 2.4.50 was found to be incomplete, see CVE-2021-42013.
18 CVE-2021-41596 22 Dir. Trav. 2021-10-04 2021-10-12
5.0
None Remote Low Not required Partial None None
SuiteCRM before 7.10.33 and 7.11.22 allows information disclosure via Directory Traversal. An attacker can partially include arbitrary files via the importFile parameter of the RefreshMapping import functionality.
19 CVE-2021-41595 22 Dir. Trav. 2021-10-04 2021-10-12
5.0
None Remote Low Not required Partial None None
SuiteCRM before 7.10.33 and 7.11.22 allows information disclosure via Directory Traversal. An attacker can partially include arbitrary files via the file_name parameter of the Step3 import functionality.
20 CVE-2021-41579 22 Exec Code Dir. Trav. Bypass 2021-10-04 2021-10-12
6.8
None Remote Medium Not required Partial Partial Partial
LCDS LAquis SCADA through 4.3.1.1085 is vulnerable to a control bypass and path traversal. If an attacker can get a victim to load a malicious els project file and use the play feature, then the attacker can bypass a consent popup and write arbitrary files to OS locations where the user has permission, leading to code execution.
21 CVE-2021-41578 22 Exec Code Dir. Trav. 2021-10-04 2021-10-12
6.8
None Remote Medium Not required Partial Partial Partial
mySCADA myDESIGNER 8.20.0 and below allows Directory Traversal attacks when importing project files. If an attacker can trick a victim into importing a malicious mep file, then they gain the ability to write arbitrary files to OS locations where the user has permission. This would typically lead to code execution.
22 CVE-2021-41381 22 Dir. Trav. 2021-09-23 2021-10-08
4.3
None Remote Medium Not required Partial None None
Payara Micro Community 5.2021.6 and below allows Directory Traversal.
23 CVE-2021-41324 22 Dir. Trav. 2021-09-30 2021-10-07
4.0
None Remote Low ??? Partial None None
Directory traversal in the Copy, Move, and Delete features in Pydio Cells 2.2.9 allows remote authenticated users to enumerate personal files (or Cells files belonging to any user) via the nodes parameter (for Copy and Move) or via the Path parameter (for Delete).
24 CVE-2021-41323 22 Dir. Trav. 2021-09-30 2021-10-07
4.0
None Remote Low ??? None Partial None
Directory traversal in the Compress feature in Pydio Cells 2.2.9 allows remote authenticated users to overwrite personal files, or Cells files belonging to any user, via the format parameter.
25 CVE-2021-41294 22 DoS Dir. Trav. 2021-09-30 2021-10-07
6.4
None Remote Low Not required None Partial Partial
ECOA BAS controller suffers from a path traversal vulnerability, causing arbitrary files deletion. Using the specific GET parameter, unauthenticated attackers can remotely delete arbitrary files on the affected device and cause denial of service scenario.
26 CVE-2021-41293 22 Dir. Trav. 2021-09-30 2021-10-07
5.0
None Remote Low Not required Partial None None
ECOA BAS controller suffers from a path traversal vulnerability, causing arbitrary files disclosure. Using the specific POST parameter, unauthenticated attackers can remotely disclose arbitrary files on the affected device and disclose sensitive and system information.
27 CVE-2021-41291 22 Dir. Trav. 2021-09-30 2021-10-07
5.0
None Remote Low Not required Partial None None
ECOA BAS controller suffers from a path traversal content disclosure vulnerability. Using the GET parameter in File Manager, unauthenticated attackers can remotely disclose directory content on the affected device.
28 CVE-2021-41281 22 Dir. Trav. 2021-11-23 2021-11-23
0.0
None ??? ??? ??? ??? ??? ???
Synapse is a package for Matrix homeservers written in Python 3/Twisted. Prior to version 1.47.1, Synapse instances with the media repository enabled can be tricked into downloading a file from a remote server into an arbitrary directory. No authentication is required for the affected endpoint. The last 2 directories and file name of the path are chosen randomly by Synapse and cannot be controlled by an attacker, which limits the impact. Homeservers with the media repository disabled are unaffected. Homeservers with a federation whitelist are also unaffected, since Synapse will check the remote hostname, including the trailing `../`s, against the whitelist. Server administrators should upgrade to 1.47.1 or later. Server administrators using a reverse proxy could, at the expense of losing media functionality, may block the certain endpoints as a workaround. Alternatively, non-containerized deployments can be adapted to use the hardened systemd config.
29 CVE-2021-41279 22 Dir. Trav. 2021-11-26 2021-11-26
0.0
None ??? ??? ??? ??? ??? ???
BaserCMS is an open source content management system with a focus on Japanese language support. In affected versions users with upload privilege may upload crafted zip files capable of path traversal on the host operating system. This is a vulnerability that needs to be addressed when the management system is used by an unspecified number of users. If you are eligible, please update to the new version as soon as possible.
30 CVE-2021-41185 22 Dir. Trav. 2021-10-26 2021-10-27
4.0
None Remote Low ??? Partial None None
Mycodo is an environmental monitoring and regulation system. An exploit in versions prior to 8.12.7 allows anyone with access to endpoints to download files outside the intended directory. A patch has been applied and a release made. Users should upgrade to version 8.12.7. As a workaround, users may manually apply the changes from the fix commit.
31 CVE-2021-41152 22 Dir. Trav. 2021-10-18 2021-10-22
4.0
None Remote Low ??? Partial None None
OpenOlat is a web-based e-learning platform for teaching, learning, assessment and communication, an LMS, a learning management system. In affected versions by manipulating the HTTP request an attacker can modify the path of a requested file download in the folder component to point to anywhere on the target system. The attack could be used to read any file accessible in the web root folder or outside, depending on the configuration of the system and the properly configured permission of the application server user. The attack requires an OpenOlat user account or the enabled guest user feature together with the usage of the folder component in a course. The attack does not allow writing of arbitrary files, it allows only reading of files and also only ready of files that the attacker knows the exact path which is very unlikely at least for OpenOlat data files. The problem is fixed in version 15.5.8 and 16.0.1 It is advised to upgrade to version 16.0.x. There are no known workarounds to fix this problem, an upgrade is necessary.
32 CVE-2021-41151 22 Dir. Trav. 2021-10-18 2021-10-22
4.0
None Remote Low ??? Partial None None
Backstage is an open platform for building developer portals. In affected versions A malicious actor could read sensitive files from the environment where Scaffolder Tasks are run. The attack is executed by crafting a custom Scaffolder template with a `github:publish:pull-request` action and a particular source path. When the template is executed the sensitive files would be included in the published pull request. This vulnerability is mitigated by the fact that an attacker would need access to create and register templates in the Backstage catalog, and that the attack is very visible given that the exfiltration happens via a pull request. The vulnerability is patched in the `0.15.9` release of `@backstage/plugin-scaffolder-backend`.
33 CVE-2021-41150 22 Dir. Trav. 2021-10-19 2021-10-26
3.5
None Remote Medium ??? None Partial None
Tough provides a set of Rust libraries and tools for using and generating the update framework (TUF) repositories. The tough library, prior to 0.12.0, does not properly sanitize delegated role names when caching a repository, or when loading a repository from the filesystem. When the repository is cached or loaded, files ending with the .json extension could be overwritten with role metadata anywhere on the system. A fix is available in version 0.12.0. No workarounds to this issue are known.
34 CVE-2021-41149 22 Dir. Trav. 2021-10-19 2021-10-25
8.5
None Remote Low ??? None Complete Complete
Tough provides a set of Rust libraries and tools for using and generating the update framework (TUF) repositories. The tough library, prior to 0.12.0, does not properly sanitize target names when caching a repository, or when saving specific targets to an output directory. When targets are cached or saved, files could be overwritten with arbitrary content anywhere on the system. A fix is available in version 0.12.0. No workarounds to this issue are known.
35 CVE-2021-41131 22 Dir. Trav. 2021-10-19 2021-10-22
8.8
None Remote Medium Not required None Complete Complete
python-tuf is a Python reference implementation of The Update Framework (TUF). In both clients (`tuf/client` and `tuf/ngclient`), there is a path traversal vulnerability that in the worst case can overwrite files ending in `.json` anywhere on the client system on a call to `get_one_valid_targetinfo()`. It occurs because the rolename is used to form the filename, and may contain path traversal characters (ie `../../name.json`). The impact is mitigated by a few facts: It only affects implementations that allow arbitrary rolename selection for delegated targets metadata, The attack requires the ability to A) insert new metadata for the path-traversing role and B) get the role delegated by an existing targets metadata, The written file content is heavily restricted since it needs to be a valid, signed targets file. The file extension is always .json. A fix is available in version 0.19 or newer. There are no workarounds that do not require code changes. Clients can restrict the allowed character set for rolenames, or they can store metadata in files named in a way that is not vulnerable: neither of these approaches is possible without modifying python-tuf.
36 CVE-2021-41127 22 Dir. Trav. 2021-10-21 2021-10-27
5.8
None Remote Medium Not required None Partial Partial
Rasa is an open source machine learning framework to automate text-and voice-based conversations. In affected versions a vulnerability exists in the functionality that loads a trained model `tar.gz` file which allows a malicious actor to craft a `model.tar.gz` file which can overwrite or replace bot files in the bot directory. The vulnerability is fixed in Rasa 2.8.10. For users unable to update ensure that users do not upload untrusted model files, and restrict CLI or API endpoint access where a malicious actor could target a deployed Rasa instance.
37 CVE-2021-41103 22 Dir. Trav. 2021-10-04 2021-11-17
7.2
None Local Low Not required Complete Complete Complete
containerd is an open source container runtime with an emphasis on simplicity, robustness and portability. A bug was found in containerd where container root directories and some plugins had insufficiently restricted permissions, allowing otherwise unprivileged Linux users to traverse directory contents and execute programs. When containers included executable programs with extended permission bits (such as setuid), unprivileged Linux users could discover and execute those programs. When the UID of an unprivileged Linux user on the host collided with the file owner or group inside a container, the unprivileged Linux user on the host could discover, read, and modify those files. This vulnerability has been fixed in containerd 1.4.11 and containerd 1.5.7. Users should update to these version when they are released and may restart containers or update directory permissions to mitigate the vulnerability. Users unable to update should limit access to the host to trusted users. Update directory permission on container bundles directories.
38 CVE-2021-41087 22 Dir. Trav. Bypass 2021-09-21 2021-10-05
4.0
None Remote Low ??? None Partial None
in-toto-golang is a go implementation of the in-toto framework to protect software supply chain integrity. In affected versions authenticated attackers posing as functionaries (i.e., within a trusted set of users for a layout) are able to create attestations that may bypass DISALLOW rules in the same layout. An attacker with access to trusted private keys, may issue an attestation that contains a disallowed artifact by including path traversal semantics (e.g., foo vs dir/../foo). Exploiting this vulnerability is dependent on the specific policy applied. The problem has been fixed in version 0.3.0.
39 CVE-2021-41072 59 Dir. Trav. 2021-09-14 2021-11-05
5.8
None Remote Medium Not required None Partial Partial
squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different vulnerability than CVE-2021-40153. A squashfs filesystem that has been crafted to include a symbolic link and then contents under the same filename in a filesystem can cause unsquashfs to first create the symbolic link pointing outside the expected directory, and then the subsequent write operation will cause the unsquashfs process to write through the symbolic link elsewhere in the filesystem.
40 CVE-2021-40988 22 Dir. Trav. 2021-10-15 2021-10-21
9.0
None Remote Low ??? Complete Complete Complete
A remote directory traversal vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security vulnerability.
41 CVE-2021-40978 22 Dir. Trav. +Info 2021-10-07 2021-10-15
5.0
None Remote Low Not required Partial None None
** DISPUTED ** The mkdocs 1.2.2 built-in dev-server allows directory traversal using the port 8000, enabling remote exploitation to obtain :sensitive information. NOTE: the vendor has disputed this as described in https://github.com/mkdocs/mkdocs/issues/2601.] and https://github.com/nisdn/CVE-2021-40978/issues/1.
42 CVE-2021-40964 22 Dir. Trav. CSRF 2021-09-15 2021-09-27
4.3
None Remote Medium Not required None Partial None
A Path Traversal vulnerability exists in TinyFileManager all version up to and including 2.4.6 that allows attackers to upload a file (with Admin credentials or with the CSRF vulnerability) with the "fullpath" parameter containing path traversal strings (../ and ..\) in order to escape the server's intended working directory and write malicious files onto any directory on the computer.
43 CVE-2021-40960 22 Dir. Trav. 2021-10-01 2021-10-07
7.5
None Remote Low Not required Partial Partial Partial
Galera WebTemplate 1.0 is affected by a directory traversal vulnerability that could reveal information from /etc/passwd and /etc/shadow.
44 CVE-2021-40887 22 Dir. Trav. 2021-10-11 2021-10-18
10.0
None Remote Low Not required Complete Complete Complete
Projectsend version r1295 is affected by a directory traversal vulnerability. Because of lacking sanitization input for files[] parameter, an attacker can add ../ to move all PHP files or any file on the system that has permissions to /upload/files/ folder.
45 CVE-2021-40886 22 Dir. Trav. Bypass 2021-10-11 2021-10-16
4.0
None Remote Low ??? None Partial None
Projectsend version r1295 is affected by a directory traversal vulnerability. A user with Uploader role can add value `2` for `chunks` parameter to bypass `fileName` sanitization.
46 CVE-2021-40870 434 Exec Code Dir. Trav. 2021-09-13 2021-10-11
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal.
47 CVE-2021-40745 22 Dir. Trav. 2021-11-17 2021-11-17
5.0
None Remote Low Not required Partial None None
Adobe Campaign version 21.2.1 (and earlier) is affected by a Path Traversal vulnerability that could lead to reading arbitrary server files. By leveraging an exposed XML file, an unauthenticated attacker can enumerate other files on the server.
48 CVE-2021-40724 22 Exec Code Dir. Trav. 2021-10-15 2021-10-21
6.8
None Remote Medium Not required Partial Partial Partial
Acrobat Reader for Android versions 21.8.0 (and earlier) are affected by a Path traversal vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
49 CVE-2021-40651 22 Dir. Trav. File Inclusion 2021-09-29 2021-10-07
4.0
None Remote Low ??? Partial None None
OS4Ed OpenSIS Community 8.0 is vulnerable to a local file inclusion vulnerability in Modules.php (modname parameter), which can disclose arbitrary file from the server's filesystem as long as the application has access to the file.
50 CVE-2021-40371 22 Exec Code Dir. Trav. 2021-10-25 2021-10-28
7.5
None Remote Low Not required Partial Partial Partial
Gridpro Request Management for Windows Azure Pack before 2.0.7912 allows Directory Traversal for remote code execution, as demonstrated by ..\\ in a scriptName JSON value to ServiceManagerTenant/GetVisibilityMap.
Total number of vulnerabilities : 447   Page : 1 (This Page)2 3 4 5 6 7 8 9
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.