Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2022-03-10 CVE-2022-21132 Path Traversal vulnerability in Pfsense Pfsense-Pkg-Wireguard 0.1.5/0.1.6
Directory traversal vulnerability in pfSense-pkg-WireGuard pfSense-pkg-WireGuard 0.1.5 versions prior to 0.1.5_4 and pfSense-pkg-WireGuard 0.1.6 versions prior to 0.1.6_1 allows a remote authenticated attacker to lead a pfSense user to view a file outside the public folder.
network
low complexity
pfsense CWE-22
6.5
2022-03-10 CVE-2021-42787 Path Traversal vulnerability in Riverbed Steelcentral Appinternals Dynamic Sampling Agent 10.0.0/11.0.0/12.0.0
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA) AgentConfigurationServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/agent/configuration" API.
network
low complexity
riverbed CWE-22
critical
9.8
2022-03-10 CVE-2021-42853 Path Traversal vulnerability in Riverbed Steelcentral Appinternals Dynamic Sampling Agent 10.0.0/11.0.0/12.0.0
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA) AgentDiagnosticServlet has directory traversal vulnerability at the "/api/appInternals/1.0/agent/diagnostic/logs" API.
network
low complexity
riverbed CWE-22
critical
9.8
2022-03-10 CVE-2021-42854 Path Traversal vulnerability in Riverbed Steelcentral Appinternals Dynamic Sampling Agent 10.0.0/11.0.0/12.0.0
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA) PluginServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/plugin/pmx" API.
network
low complexity
riverbed CWE-22
critical
9.8
2022-03-10 CVE-2021-42857 Path Traversal vulnerability in Riverbed Steelcentral Appinternals Dynamic Sampling Agent 10.0.0/11.0.0/12.0.0
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA) AgentDaServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/agent/da/pcf" API.
network
low complexity
riverbed CWE-22
5.3
2022-03-04 CVE-2021-32008 Path Traversal vulnerability in Secomea Gatemanager 9.6.621421014
This issue affects: Secomea GateManager Version 9.6.621421014 and all prior versions.
network
low complexity
secomea CWE-22
8.7
2022-03-04 CVE-2022-26484 Path Traversal vulnerability in Veritas Infoscale Operations Manager
An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100.
network
low complexity
veritas CWE-22
4.9
2022-03-04 CVE-2021-46381 Path Traversal vulnerability in Dlink Dap-1620 Firmware
Local File Inclusion due to path traversal in D-Link DAP-1620 leads to unauthorized internal files reading [/etc/passwd] and [/etc/shadow].
network
low complexity
dlink CWE-22
7.5
2022-03-03 CVE-2021-3762 Path Traversal vulnerability in Redhat Clair and Quay
A directory traversal vulnerability was found in the ClairCore engine of Clair.
network
low complexity
redhat CWE-22
critical
9.8
2022-03-02 CVE-2021-41002 Path Traversal vulnerability in HPE Arubaos-Cx
Multiple authenticated remote path traversal vulnerabilities were discovered in the AOS-CX command line interface in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): AOS-CX 10.06.xxxx: 10.06.0170 and below, AOS-CX 10.07.xxxx: 10.07.0050 and below, AOS-CX 10.08.xxxx: 10.08.1030 and below, AOS-CX 10.09.xxxx: 10.09.0002 and below.
network
low complexity
hpe CWE-22
8.1