Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-61

CWE-61

High likelihood

UNIX Symbolic Link (Symlink) Following

Parent: CWE-59 - Improper Link Resolution Before File Access ('Link Following')

The product, when opening a file or directory, does not sufficiently account for when the file is a symbolic link that resolves to a target outside of the intended control sphere. This could allow an attacker to cause the product to operate on unauthorized files.

125 vulnerabilities with CWE-61

CVE-2024-44132 HIGH

Apple Macos < 15.0 - Symlink Following

CVE-2024-45310 LOW

runc <1.2.0-rc2 - Privilege Escalation

CVE-2024-39578 MEDIUM

Dell Powerscale Onefs < 9.7.1.2 - Symlink Following

CVE-2024-42367 MEDIUM

Aiohttp < 3.10.2 - Path Traversal

CVE-2024-27872 MEDIUM

macOS Sonoma <14.6 - Info Disclosure

CVE-2024-28189 CRITICAL

Judge0 <1.13.1 - Privilege Escalation

CVE-2024-28185 CRITICAL

Judge0 - Code Injection

CVE-2024-22014 HIGH

360 Total Security Antivirus <11.0.0.1061 - Privilege Escalation

CVE-2024-25953 MEDIUM

Dell Powerscale Onefs < 9.4.0.16 - Symlink Following

CVE-2024-25952 MEDIUM

Dell Powerscale Onefs < 9.3.0 - Symlink Following

CVE-2024-1933 HIGH

TeamViewer <15.52 - Privilege Escalation

CVE-2024-23285 MEDIUM

Apple Macos < 14.4 - Symlink Following

CVE-2023-20093 MEDIUM

Cisco TelePresence CE - Privilege Escalation

CVE-2023-20092 MEDIUM

Cisco TelePresence CE - Privilege Escalation

CVE-2023-20091 MEDIUM

Cisco TelePresence CE - Privilege Escalation

CVE-2023-41969 HIGH

Win ZApp <4.3.0 - Info Disclosure

CVE-2023-39246 MEDIUM

Dell Endpoint Security Suite Enterprise < 11.8.1 - Symlink Following

CVE-2023-37460 HIGH

Codehaus-plexus Plexus-archiver < 4.8.0 - Path Traversal

CVE-2022-3592 MEDIUM

Samba - Path Traversal

CVE-2022-31036 MEDIUM

Argo CD <v1.3.0 - Info Disclosure

CVE-2022-24904 MEDIUM

Argoproj Argo CD < 2.1.15 - Symlink Following

CVE-2021-4287 MEDIUM

ReFirm Labs binwalk <2.3.2 - Symlink Following

CVE-2021-1612 MEDIUM

Cisco Sd-wan < 17.3.4 - Symlink Following

CVE-2021-39135 HIGH

Npmjs Arborist < 2.8.2 - Symlink Following

CVE-2021-39134 HIGH

@npmcli/arborist - Info Disclosure

Previous Page 4 of 5 Next

Details

Vulnerabilities 125

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy