Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-61

CWE-61

High likelihood

UNIX Symbolic Link (Symlink) Following

Parent: CWE-59 - Improper Link Resolution Before File Access ('Link Following')

The product, when opening a file or directory, does not sufficiently account for when the file is a symbolic link that resolves to a target outside of the intended control sphere. This could allow an attacker to cause the product to operate on unauthorized files.

125 vulnerabilities with CWE-61

CVE-2021-32518 HIGH

Qsan Storage Manager < 3.3.3 - Symlink Following

CVE-2021-32509 MEDIUM

Qsan Storage Manager < 3.3.3 - Symlink Following

CVE-2021-32508 MEDIUM

Qsan Storage Manager < 3.3.3 - Symlink Following

CVE-2021-25321 HIGH

SUSE Linux Enterprise Server <11-SP4-LTSS - Privilege Escalation

CVE-2021-32557 MEDIUM

Canonical Apport - Symlink Following

CVE-2021-32555 HIGH

Canonical Ubuntu Linux - Symlink Following

CVE-2021-32554 HIGH

Canonical Ubuntu Linux - Symlink Following

CVE-2021-32553 HIGH

Canonical Ubuntu Linux - Symlink Following

CVE-2021-32552 HIGH

Canonical Ubuntu Linux - Symlink Following

CVE-2021-32551 HIGH

Canonical Ubuntu Linux - Symlink Following

CVE-2021-32550 HIGH

Canonical Ubuntu Linux - Symlink Following

CVE-2021-32549 HIGH

Canonical Ubuntu Linux - Symlink Following

CVE-2021-32548 HIGH

Canonical Ubuntu Linux - Symlink Following

CVE-2021-32547 HIGH

Canonical Ubuntu Linux - Symlink Following

CVE-2021-25322 MEDIUM

openSUSE Leap 15.2/python-HyperKitty <1.3.2-lp152.2.3.1 - Privilege...

CVE-2021-1145 MEDIUM

Cisco StarOS - Info Disclosure

CVE-2020-15076 HIGH

Private Tunnel <3.0.1 - Memory Corruption

CVE-2020-15075 HIGH

OpenVPN Connect <3.2.6 - Memory Corruption

CVE-2020-8019 HIGH

syslog-ng - Privilege Escalation

CVE-2020-8014 HIGH

openSUSE Leap 15.1, Tumbleweed - Privilege Escalation

CVE-2019-11251 MEDIUM

Kubernetes < 1.13.11 - Symlink Following

CVE-2019-16775 HIGH

npm CLI <6.13.3 - Arbitrary File Write

CVE-2019-11249 MEDIUM

Kubernetes < 1.12.10 - Path Traversal

CVE-2019-11246 MEDIUM

Kubernetes < 1.12.10 - Path Traversal

CVE-2017-14798 HIGH

PostgreSQL - Privilege Escalation

Previous Page 5 of 5

Details

Vulnerabilities 125

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy