CVE-2021-26619
HIGHbigfileagent < 1.0.1.7 - Path Traversal and Arbitrary File Deletion
Title source: llmDescription
An path traversal vulnerability leading to delete arbitrary files was discovered in BigFileAgent. Remote attackers can use this vulnerability to delete arbitrary files of unspecified number of users.
References (1)
Core 1
Core References
Third Party Advisory x_refsource_misc
https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36457
Scores
CVSS v3
7.1
EPSS
0.0089
EPSS Percentile
54.8%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
Details
CWE
CWE-22
Status
published
Products (1)
bigfile/bigfileagent
< 1.0.1.7
Published
Feb 18, 2022
Tracked Since
Feb 18, 2026