CVE-2020-25780
HIGH NUCLEICommCell < 14.68, 15.x < 15.58, 16.x < 16.44, 17.x < 17.29, 18.x < 18.13 - Path Traversal via Log File View
Title source: llmExploitation Summary
CVE-2020-25780 has a Nuclei detection template available — see the Nuclei card below for the Shodan/FOFA recon queries.
Description
In CommCell in Commvault before 14.68, 15.x before 15.58, 16.x before 16.44, 17.x before 17.29, and 18.x before 18.13, Directory Traversal can occur such that an attempt to view a log file can instead view a file outside of the log-files folder.
Nuclei Templates (1)
Commvault CommCell - Local File Inclusion
HIGHby pdteam
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
http://kb.commvault.com/article/63264
Scores
CVSS v3
7.5
EPSS
0.0988
EPSS Percentile
95.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-22
Status
published
Products (1)
commvault/commcell
< 14.68
Published
Oct 29, 2020
Tracked Since
Feb 18, 2026