Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-12 | CVE-2024-21876 | Path Traversal vulnerability in Enphase IQ Gateway Firmware Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability via a URL parameter in Enphase IQ Gateway (formerly known as Envoy) allows an unautheticated attacker to access or create arbitratry files.This issue affects Envoy: from 4.x to 8.x and < 8.2.4225. | 9.1 |
| 2024-08-12 | CVE-2024-21877 | Path Traversal vulnerability in Enphase IQ Gateway Firmware Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability through a url parameter in Enphase IQ Gateway (formerly known as Envoy) allows File Manipulation. | 6.5 |
| 2024-08-12 | CVE-2024-41936 | Path Traversal vulnerability in Vonets products A directory traversal vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to read arbitrary files and bypass authentication. | 7.5 |
| 2024-08-12 | CVE-2024-42468 | Path Traversal vulnerability in Openhab openHAB, a provider of open-source home automation software, has add-ons including the visualization add-on CometVisu. | 7.5 |
| 2024-08-12 | CVE-2024-42469 | Path Traversal vulnerability in Openhab openHAB, a provider of open-source home automation software, has add-ons including the visualization add-on CometVisu. | 9.8 |
| 2024-08-12 | CVE-2024-6759 | Path Traversal vulnerability in Freebsd When mounting a remote filesystem using NFS, the kernel did not sanitize remotely provided filenames for the path separator character, "/". | 5.3 |
| 2024-08-12 | CVE-2024-7399 | Path Traversal vulnerability in Samsung Magicinfo 9 Server Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1050 allows attackers to write arbitrary file as system authority. | 7.5 |
| 2024-08-12 | CVE-2024-7693 | Path Traversal vulnerability in Raidenmaild Raiden MAILD Remote Management System from Team Johnlong Software has a Relative Path Traversal vulnerability, allowing unauthenticated remote attackers to read arbitrary file on the remote server. | 7.5 |
| 2024-08-08 | CVE-2024-42408 | Path Traversal vulnerability in Dorsettcontrols Infoscan 1.32/1.33/1.35 The InfoScan client download page can be intercepted with a proxy, to expose filenames located on the system, which could lead to additional information exposure. | 3.7 |
| 2024-08-07 | CVE-2024-6707 | Path Traversal vulnerability in Openwebui Open Webui 0.1.105 Attacker controlled files can be uploaded to arbitrary locations on the web server's filesystem by abusing a path traversal vulnerability. | 8.8 |