Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2020-10-01 CVE-2020-5789 Path Traversal vulnerability in Teltonika-Networks Trb245 Firmware 00.02.04.03
Relative Path Traversal in Teltonika firmware TRB2_R_00.02.04.3 allows a remote, authenticated attacker to read the contents of arbitrary files on disk.
network
low complexity
teltonika-networks CWE-22
6.5
6.5
2020-10-01 CVE-2020-5788 Path Traversal vulnerability in Teltonika-Networks Trb245 Firmware 00.02.04.03
Relative Path Traversal in Teltonika firmware TRB2_R_00.02.04.3 allows a remote, authenticated attacker to delete arbitrary files on disk via the admin/system/admin/certificates/delete action.
network
low complexity
teltonika-networks CWE-22
6.5
6.5
2020-10-01 CVE-2020-5787 Path Traversal vulnerability in Teltonika-Networks Trb245 Firmware 00.02.04.03
Relative Path Traversal in Teltonika firmware TRB2_R_00.02.04.3 allows a remote, authenticated attacker to delete arbitrary files on disk via the admin/services/packages/remove action.
network
low complexity
teltonika-networks CWE-22
6.5
6.5
2020-09-30 CVE-2020-21527 Path Traversal vulnerability in Halo 1.1.3
There is an Arbitrary file deletion vulnerability in halo v1.1.3.
network
low complexity
halo CWE-22
7.7
7.7
2020-09-30 CVE-2020-21526 Path Traversal vulnerability in Halo 1.1.3
An Arbitrary file writing vulnerability in halo v1.1.3.
network
low complexity
halo CWE-22
critical
 9.8
9.8
2020-09-30 CVE-2020-21525 Path Traversal vulnerability in Halo 1.1.3
Halo V1.1.3 is affected by: Arbitrary File reading.
network
low complexity
halo CWE-22
7.5
7.5
2020-09-30 CVE-2020-21522 Path Traversal vulnerability in Halo 1.1.3
An issue was discovered in halo V1.1.3.
network
low complexity
halo CWE-22
critical
 9.8
9.8
2020-09-30 CVE-2020-21244 Path Traversal vulnerability in Frontaccounting 2.4.7
An issue was discovered in FrontAccounting 2.4.7.
network
low complexity
frontaccounting CWE-22
4.9
4.9
2020-09-25 CVE-2020-24621 Path Traversal vulnerability in Openmrs Htmlformentry
A remote code execution (RCE) vulnerability was discovered in the htmlformentry (aka HTML Form Entry) module before 3.11.0 for OpenMRS.
network
low complexity
openmrs CWE-22
8.8
8.8
2020-09-23 CVE-2020-24626 Path Traversal vulnerability in HPE Utility Computing Service Meter 1.9
Unathenticated directory traversal in the ReceiverServlet class doPost() method can lead to arbitrary remote code execution in HPE Pay Per Use (PPU) Utility Computing Service (UCS) Meter version 1.9.
network
low complexity
hpe CWE-22
critical
 9.8
9.8