An Absolute Path Traversal vulnerability exists for a specific endpoint via the logfile parameter, allowing a remote authenticated attacker to read files on the filesystem arbitrarily.Īn issue was discovered in NOKIA 1350OMS R14.2. directory traversal to read arbitrary files, as exploited in the wild in June 2022.Īn issue was discovered in NOKIA 1350OMS R14.2. UniSharp laravel-filemanager (aka Laravel Filemanager) through 2.5.1 allows download?working_dir=%2F. In F5OS-A version 1.x before 1.1.0 and F5OS-C version 1.x before 1.4.0, a directory traversal vulnerability exists in an undisclosed location of the F5OS CLI that allows an attacker to read arbitrary files. In Lavalite 9.0.0, the XSRF-TOKEN cookie is vulnerable to path traversal attacks, enabling read access to arbitrary files on the server. The NetBackup Primary server is vulnerable to a Path traversal attack through the DiscoveryService service. An attacker with local access can delete arbitrary files by leveraging a path traversal in the pbx_exchange registration code.Īn issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in file operation management in Synology Presto File Server before 2.1.2-1601 allows remote attackers to write arbitrary files via unspecified vectors.Īn issue was discovered in Veritas NetBackup through 8.2 and related Veritas products.
0 kommentar(er)
