CVE-2018-0693

HIGH

FileZen 3.0.0-4.2.1 - Path Traversal and Arbitrary File Write

Title source: llm
STIX 2.1

Description

Directory traversal vulnerability in FileZen V3.0.0 to V4.2.1 allows remote attackers to upload an arbitrary file in the specific directory in FileZen via unspecified vectors.

References (2)

Core 2
Core References
Third Party Advisory third-party-advisory x_refsource_jvn
http://jvn.jp/en/jp/JVN95355683/index.html
Patch, Vendor Advisory x_refsource_misc
https://www.soliton.co.jp/support/2018/003328.html

Scores

CVSS v3 7.5
EPSS 0.0195
EPSS Percentile 77.7%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Details

CWE
CWE-22
Status published
Products (1)
soliton/filezen 3.0.0 - 4.2.1
Published Nov 15, 2018
Tracked Since Feb 18, 2026