CVE-2018-16171

HIGH

Cybozu Remote Service 3.0.0-3.1.8 - Remote Code Execution via Directory Traversal

Title source: llm
STIX 2.1

Description

Directory traversal vulnerability in Cybozu Remote Service 3.0.0 to 3.1.8 allows remote attackers to execute Java code file on the server via unspecified vectors.

References (2)

Core 2
Core References
Vendor Advisory x_refsource_misc
https://kb.cybozu.support/article/35259/
Third Party Advisory third-party-advisory x_refsource_jvn
https://jvn.jp/en/jp/JVN23161885/index.html

Scores

CVSS v3 8.8
EPSS 0.0105
EPSS Percentile 77.8%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-22
Status published
Products (1)
cybozu/remote_service_manager 3.0.0 - 3.1.8
Published Jan 09, 2019
Tracked Since Feb 18, 2026