Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,233 vulnerabilities with CWE-22

CVE-2021-26574 HIGH

HPE Baseboard Management Controller < 3.0.14.0 - Path Traversal in libifc.so webdeletevideofile Function

CVE-2021-1297 HIGH

Cisco RV160/RV260 VPN Router Firmware < 1.0.01.02 - Unauthenticated Path Traversal & Arbitrary File Write

CVE-2021-1296 HIGH

Cisco RV160/RV260 VPN Routers <1.0.01.02 - Unauthenticated Path Traversal & Arbitrary File Write

CVE-2021-21284 MEDIUM

Docker <9.03.15, 20.10.3 - Privilege Escalation

CVE-2021-3281 MEDIUM

Django <2.2.18-3.0.12-3.1.6 - Path Traversal

CVE-2021-25129 HIGH

HPE Cloudline CL3100/CL4100/CL5200/CL5800 Gen9/Gen10 BMC Firmware - Path Traversal via spx_restservice getvideodata_func

CVE-2021-25128 HIGH

HPE Cloudline CL3100/CL4100/CL5200/CL5800 Gen9/Gen10 BMC Firmware - Path Traversal via spx_restservice gethelpdata_func

CVE-2021-25125 HIGH

HPE Cloudline CL3100/CL4100/CL5200/CL5800 Gen9/Gen10 BMC - Path Traversal via spx_restservice delsolrecordedvideo_func

CVE-2021-25124 HIGH

HPE Cloudline CL3100/CL4100/CL5200/CL5800 Gen9/Gen10 BMC - Path Traversal via spx_restservice deletevideo_func

CVE-2021-3341 HIGH

DH2i DxEnterprise and DxOdyssey 19.5-20.x - Path Traversal via DxWebEngine HTTP Request

CVE-2021-25311 CRITICAL

HTCondor < 8.9.11 - Path Traversal via SEC_CREDENTIAL_DIRECTORY_OAUTH

CVE-2021-3223 HIGH

Node-RED-Dashboard <2.26.2 - Path Traversal

CVE-2021-3199 CRITICAL

ONLYOFFICE Document Server < 5.6.3 - Path Traversal and Remote Code Execution via Image Upload Parameter

CVE-2021-3152 MEDIUM

Home Assistant < 2021.1.3 - Path Traversal in Custom Integrations

CVE-2021-25864 HIGH

node-red-contrib-huemagic 3.0.0 - Path Traversal via hue/assets/..%2F in res.sendFile API

CVE-2021-21272 HIGH

ORAS 0.4.0-0.8.9 - Path Traversal via Tarball Extraction

CVE-2021-1357 MEDIUM

Cisco Unified Communications Manager and IM & Presence Service < 11.5(1)su9 - Path Traversal and SQL Injection

CVE-2021-1259 MEDIUM

Cisco SD-WAN vManage < 18.2.0 - Authenticated Path Traversal and Arbitrary File Write via HTTP Request

CVE-2021-21269 HIGH

keymaker < 0.2.0 - Path Traversal via Assets Endpoint

CVE-2021-3178 MEDIUM

Linux Kernel < 5.10.8 - Path Traversal via NFS READDIRPLUS

CVE-2021-21251 HIGH

OneDev < 4.0.3 - Authenticated Arbitrary File Write via TarUtils Path Traversal

CVE-2021-3139 HIGH

tcmu-runner 1.3.0-1.5.2 - Path Traversal and Arbitrary File Read/Write via XCOPY Request

CVE-2021-21605 HIGH

Jenkins < 2.263.1, < 2.274 - Path Traversal via Agent Name Configuration

CVE-2021-23242 MEDIUM

MERCUSYS Mercury X18G 1.0.5 - Path Traversal

CVE-2021-23241 MEDIUM

MERCUSYS Mercury X18G 1.0.5 - Path Traversal

Previous Page 211 of 370 Next

Details

Vulnerabilities 9,233

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy