Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-53691

Summary
Assigner-qnap
Assigner Org ID-2fd009eb-170a-4625-932b-17a53af1051f
Published At-06 Dec, 2024 | 16:34
Updated At-24 Jan, 2025 | 04:55
Rejected At-
Credits

QTS, QuTS hero

A link following vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to traverse the file system to unintended locations. We have already fixed the vulnerability in the following versions: QTS 5.1.8.2823 build 20240712 and later QTS 5.2.0.2802 build 20240620 and later QuTS hero h5.1.8.2823 build 20240712 and later QuTS hero h5.2.0.2802 build 20240620 and later

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:qnap
Assigner Org ID:2fd009eb-170a-4625-932b-17a53af1051f
Published At:06 Dec, 2024 | 16:34
Updated At:24 Jan, 2025 | 04:55
Rejected At:
▼CVE Numbering Authority (CNA)
QTS, QuTS hero

A link following vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to traverse the file system to unintended locations. We have already fixed the vulnerability in the following versions: QTS 5.1.8.2823 build 20240712 and later QTS 5.2.0.2802 build 20240620 and later QuTS hero h5.1.8.2823 build 20240712 and later QuTS hero h5.2.0.2802 build 20240620 and later

Affected Products
Vendor
QNAP Systems, Inc.QNAP Systems Inc.
Product
QTS
Default Status
unaffected
Versions
Affected
  • From 5.1.x before 5.1.8.2823 build 20240712 (custom)
  • From 5.2.x before 5.2.0.2802 build 20240620 (custom)
Vendor
QNAP Systems, Inc.QNAP Systems Inc.
Product
QuTS hero
Default Status
unaffected
Versions
Affected
  • From h5.1.x before h5.1.8.2823 build 20240712 (custom)
  • From h5.2.x before h5.2.0.2802 build 20240620 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-59CWE-59
Type: CWE
CWE ID: CWE-59
Description: CWE-59
Metrics
VersionBase scoreBase severityVector
4.08.7HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Version: 4.0
Base score: 8.7
Base severity: HIGH
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-132CAPEC-132
CAPEC ID: CAPEC-132
Description: CAPEC-132
Solutions

We have already fixed the vulnerability in the following versions: QTS 5.1.8.2823 build 20240712 and later QTS 5.2.0.2802 build 20240620 and later QuTS hero h5.1.8.2823 build 20240712 and later QuTS hero h5.2.0.2802 build 20240620 and later

Configurations

Workarounds

Exploits

Credits

finder
c411e
Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://www.qnap.com/en/security-advisory/qsa-24-28
N/A
Hyperlink: https://www.qnap.com/en/security-advisory/qsa-24-28
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Vendor
QNAP Systems, Inc.qnap
Product
qts
CPEs
  • cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 5.1.x before 5.1.8.2823 build 20240712 (custom)
  • From 5.2.x before 5.2.0.2802 build 20240620 (custom)
Vendor
QNAP Systems, Inc.qnap
Product
quts_hero
CPEs
  • cpe:2.3:o:qnap:quts_hero:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From h5.1.x before h5.1.8.2823 build 20240712 (custom)
  • From h5.2.x before h5.2.0.2802 build 20240620 (custom)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security@qnapsecurity.com.tw
Published At:06 Dec, 2024 | 17:15
Updated At:23 Sep, 2025 | 14:20

A link following vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to traverse the file system to unintended locations. We have already fixed the vulnerability in the following versions: QTS 5.1.8.2823 build 20240712 and later QTS 5.2.0.2802 build 20240620 and later QuTS hero h5.1.8.2823 build 20240712 and later QuTS hero h5.2.0.2802 build 20240620 and later

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.08.7HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 4.0
Base score: 8.7
Base severity: HIGH
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Primary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches

QNAP Systems, Inc.
qnap
>>qts>>5.1.0.2348
cpe:2.3:o:qnap:qts:5.1.0.2348:build_20230325:*:*:*:*:*:*
QNAP Systems, Inc.
qnap
>>qts>>5.1.0.2399
cpe:2.3:o:qnap:qts:5.1.0.2399:build_20230515:*:*:*:*:*:*
QNAP Systems, Inc.
qnap
>>qts>>5.1.0.2418
cpe:2.3:o:qnap:qts:5.1.0.2418:build_20230603:*:*:*:*:*:*
QNAP Systems, Inc.
qnap
>>qts>>5.1.0.2444
cpe:2.3:o:qnap:qts:5.1.0.2444:build_20230629:*:*:*:*:*:*
QNAP Systems, Inc.
qnap
>>qts>>5.1.0.2466
cpe:2.3:o:qnap:qts:5.1.0.2466:build_20230721:*:*:*:*:*:*
QNAP Systems, Inc.
qnap
>>qts>>5.1.1.2491
cpe:2.3:o:qnap:qts:5.1.1.2491:build_20230815:*:*:*:*:*:*
QNAP Systems, Inc.
qnap
>>qts>>5.1.2.2533
cpe:2.3:o:qnap:qts:5.1.2.2533:build_20230926:*:*:*:*:*:*
QNAP Systems, Inc.
qnap
>>qts>>5.1.3.2578
cpe:2.3:o:qnap:qts:5.1.3.2578:build_20231110:*:*:*:*:*:*
QNAP Systems, Inc.
qnap
>>qts>>5.1.4.2596
cpe:2.3:o:qnap:qts:5.1.4.2596:build_20231128:*:*:*:*:*:*
QNAP Systems, Inc.
qnap
>>qts>>5.1.5.2645
cpe:2.3:o:qnap:qts:5.1.5.2645:build_20240116:*:*:*:*:*:*
QNAP Systems, Inc.
qnap
>>qts>>5.1.5.2679
cpe:2.3:o:qnap:qts:5.1.5.2679:build_20240219:*:*:*:*:*:*
QNAP Systems, Inc.
qnap
>>qts>>5.1.6.2722
cpe:2.3:o:qnap:qts:5.1.6.2722:build_20240402:*:*:*:*:*:*
QNAP Systems, Inc.
qnap
>>qts>>5.1.7.2770
cpe:2.3:o:qnap:qts:5.1.7.2770:build_20240520:*:*:*:*:*:*
QNAP Systems, Inc.
qnap
>>qts>>5.2.0.2737
cpe:2.3:o:qnap:qts:5.2.0.2737:build_20240417:*:*:*:*:*:*
QNAP Systems, Inc.
qnap
>>qts>>5.2.0.2744
cpe:2.3:o:qnap:qts:5.2.0.2744:build_20240424:*:*:*:*:*:*
QNAP Systems, Inc.
qnap
>>qts>>5.2.0.2782
cpe:2.3:o:qnap:qts:5.2.0.2782:build_20240601:*:*:*:*:*:*
QNAP Systems, Inc.
qnap
>>quts_hero>>h5.1.0.2409
cpe:2.3:o:qnap:quts_hero:h5.1.0.2409:build_20230525:*:*:*:*:*:*
QNAP Systems, Inc.
qnap
>>quts_hero>>h5.1.0.2424
cpe:2.3:o:qnap:quts_hero:h5.1.0.2424:build_20230609:*:*:*:*:*:*
QNAP Systems, Inc.
qnap
>>quts_hero>>h5.1.0.2453
cpe:2.3:o:qnap:quts_hero:h5.1.0.2453:build_20230708:*:*:*:*:*:*
QNAP Systems, Inc.
qnap
>>quts_hero>>h5.1.0.2466
cpe:2.3:o:qnap:quts_hero:h5.1.0.2466:build_20230721:*:*:*:*:*:*
QNAP Systems, Inc.
qnap
>>quts_hero>>h5.1.1.2488
cpe:2.3:o:qnap:quts_hero:h5.1.1.2488:build_20230812:*:*:*:*:*:*
QNAP Systems, Inc.
qnap
>>quts_hero>>h5.1.2.2534
cpe:2.3:o:qnap:quts_hero:h5.1.2.2534:build_20230927:*:*:*:*:*:*
QNAP Systems, Inc.
qnap
>>quts_hero>>h5.1.3.2578
cpe:2.3:o:qnap:quts_hero:h5.1.3.2578:build_20231110:*:*:*:*:*:*
QNAP Systems, Inc.
qnap
>>quts_hero>>h5.1.4.2596
cpe:2.3:o:qnap:quts_hero:h5.1.4.2596:build_20231128:*:*:*:*:*:*
QNAP Systems, Inc.
qnap
>>quts_hero>>h5.1.5.2647
cpe:2.3:o:qnap:quts_hero:h5.1.5.2647:build_20240118:*:*:*:*:*:*
QNAP Systems, Inc.
qnap
>>quts_hero>>h5.1.5.2680
cpe:2.3:o:qnap:quts_hero:h5.1.5.2680:build_20240220:*:*:*:*:*:*
QNAP Systems, Inc.
qnap
>>quts_hero>>h5.1.6.2734
cpe:2.3:o:qnap:quts_hero:h5.1.6.2734:build_20240414:*:*:*:*:*:*
QNAP Systems, Inc.
qnap
>>quts_hero>>h5.1.7.2770
cpe:2.3:o:qnap:quts_hero:h5.1.7.2770:build_20240520:*:*:*:*:*:*
QNAP Systems, Inc.
qnap
>>quts_hero>>h5.1.7.2788
cpe:2.3:o:qnap:quts_hero:h5.1.7.2788:build_20240607:*:*:*:*:*:*
QNAP Systems, Inc.
qnap
>>quts_hero>>h5.1.7.2794
cpe:2.3:o:qnap:quts_hero:h5.1.7.2794:build_20240613:*:*:*:*:*:*
QNAP Systems, Inc.
qnap
>>quts_hero>>h5.2.0.2737
cpe:2.3:o:qnap:quts_hero:h5.2.0.2737:build_20240417:*:*:*:*:*:*
QNAP Systems, Inc.
qnap
>>quts_hero>>h5.2.0.2782
cpe:2.3:o:qnap:quts_hero:h5.2.0.2782:build_20240601:*:*:*:*:*:*
QNAP Systems, Inc.
qnap
>>quts_hero>>h5.2.0.2789
cpe:2.3:o:qnap:quts_hero:h5.2.0.2789:build_20240607:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-59Secondarysecurity@qnapsecurity.com.tw
CWE ID: CWE-59
Type: Secondary
Source: security@qnapsecurity.com.tw
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://www.qnap.com/en/security-advisory/qsa-24-28security@qnapsecurity.com.tw
Vendor Advisory
Hyperlink: https://www.qnap.com/en/security-advisory/qsa-24-28
Source: security@qnapsecurity.com.tw
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

86Records found

CVE-2023-47568
Matching Score-8
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-8
Assigner-QNAP Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.53% / 41.21%
||
7 Day CHG~0.00%
Published-02 Feb, 2024 | 16:06
Updated-27 Aug, 2024 | 16:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
QTS, QuTS hero, QuTScloud

A SQL injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 20240116 and later QTS 4.5.4.2627 build 20231225 and later QuTS hero h5.1.5.2647 build 20240118 and later QuTS hero h4.5.4.2626 build 20231225 and later QuTScloud c5.1.5.2651 and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-quts_heroqutscloudqtsQuTScloudQuTS heroQTS
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2023-47565
Matching Score-8
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-8
Assigner-QNAP Systems, Inc.
CVSS Score-8||HIGH
EPSS-73.28% / 99.39%
||
7 Day CHG~0.00%
Published-08 Dec, 2023 | 16:06
Updated-26 Feb, 2026 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2024-01-11||Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Legacy VioStor NVR

An OS command injection vulnerability has been found to affect legacy QNAP VioStor NVR models running QVR Firmware 4.x. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following versions: QVR Firmware 5.0.0 and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-qvr_firmwareVioStor NVRVioStor NVR
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-41285
Matching Score-8
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-8
Assigner-QNAP Systems, Inc.
CVSS Score-7.4||HIGH
EPSS-0.54% / 41.57%
||
7 Day CHG~0.00%
Published-10 Nov, 2023 | 16:02
Updated-03 Sep, 2024 | 17:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
QuMagie

A SQL injection vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: QuMagie 2.1.4 and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-qumagieQuMagie
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2023-41287
Matching Score-8
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-8
Assigner-QNAP Systems, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.51% / 39.50%
||
7 Day CHG~0.00%
Published-05 Jan, 2024 | 16:19
Updated-17 Jun, 2025 | 14:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Video Station

A SQL injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow users to inject malicious code via a network. We have already fixed the vulnerability in the following version: Video Station 5.7.2 ( 2023/11/23 ) and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-video_stationVideo Station
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2023-41288
Matching Score-8
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-8
Assigner-QNAP Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-1.14% / 62.74%
||
7 Day CHG~0.00%
Published-05 Jan, 2024 | 16:19
Updated-17 Apr, 2025 | 18:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Video Station

An OS command injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following version: Video Station 5.7.2 ( 2023/11/23 ) and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-video_stationVideo Station
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-39297
Matching Score-8
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-8
Assigner-QNAP Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-1.41% / 69.30%
||
7 Day CHG~0.00%
Published-02 Feb, 2024 | 16:03
Updated-15 May, 2025 | 19:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
QTS, QuTS hero, QuTScloud

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QTS 4.5.4.2627 build 20231225 and later QuTS hero h5.1.4.2596 build 20231128 and later QuTS hero h4.5.4.2626 build 20231225 and later QuTScloud c5.1.5.2651 and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-quts_heroqutscloudqtsQuTS heroQTSQuTScloud
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-34974
Matching Score-8
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-8
Assigner-QNAP Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.94% / 56.54%
||
7 Day CHG~0.00%
Published-06 Sep, 2024 | 16:27
Updated-13 Sep, 2024 | 21:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
QTS, QuTS hero, QuTScloud, QVR, QES

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. QuTScloud, QVR, QES are not affected. We have already fixed the vulnerability in the following versions: QTS 4.5.4.2790 build 20240605 and later QuTS hero h4.5.4.2626 build 20231225 and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-quts_heroqtsQuTS heroQESQVRQuTScloudQTSquts_heroqts
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-34976
Matching Score-8
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-8
Assigner-QNAP Systems, Inc.
CVSS Score-10||CRITICAL
EPSS-0.51% / 39.97%
||
7 Day CHG~0.00%
Published-13 Oct, 2023 | 19:17
Updated-12 Jan, 2026 | 10:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Video Station

A SQL injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: Video Station 5.7.0 ( 2023/07/27 ) and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-video_stationVideo Station
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2021-44051
Matching Score-8
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-8
Assigner-QNAP Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-1.59% / 72.67%
||
7 Day CHG-0.02%
Published-05 May, 2022 | 16:50
Updated-16 Sep, 2024 | 17:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Command injection

A command injection vulnerability has been reported to affect QNAP NAS running QuTScloud, QuTS hero and QTS. If exploited, this vulnerability allows remote attackers to run arbitrary commands. We have already fixed this vulnerability in the following versions of QuTScloud, QuTS hero and QTS: QuTScloud c5.0.1.1949 and later QuTS hero h5.0.0.1986 build 20220324 and later QTS 5.0.0.1986 build 20220324 and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-quts_heroqutscloudqtsQuTScloudQuTS heroQTS
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2019-7183
Matching Score-6
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-6
Assigner-QNAP Systems, Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.61% / 73.05%
||
7 Day CHG~0.00%
Published-05 Dec, 2019 | 16:41
Updated-04 Aug, 2024 | 20:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This improper link resolution vulnerability allows remote attackers to access system files. To fix this vulnerability, QNAP recommend updating QTS to their latest versions.

Action-Not Available
Vendor-n/aQNAP Systems, Inc.
Product-qtsQNAP NAS devices
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2024-48862
Matching Score-6
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-6
Assigner-QNAP Systems, Inc.
CVSS Score-8.7||HIGH
EPSS-0.93% / 56.16%
||
7 Day CHG~0.00%
Published-22 Nov, 2024 | 15:31
Updated-08 Dec, 2025 | 19:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
QuLog Center

A link following vulnerability has been reported to affect QuLog Center. If exploited, the vulnerability could allow remote attackers to traverse the file system to unintended locations and read or overwrite the contents of unexpected files. We have already fixed the vulnerability in the following versions: QuLog Center 1.7.0.831 ( 2024/10/15 ) and later QuLog Center 1.8.0.888 ( 2024/10/15 ) and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-qulog_centerQuLog Centerqulog_center
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2025-66277
Matching Score-6
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-6
Assigner-QNAP Systems, Inc.
CVSS Score-9.2||CRITICAL
EPSS-0.63% / 45.93%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 12:15
Updated-26 Feb, 2026 | 14:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
QTS, QuTS hero

A link following vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to traverse the file system to unintended locations. We have already fixed the vulnerability in the following versions: QTS 5.2.8.3350 build 20251216 and later QuTS hero h5.3.2.3354 build 20251225 and later QuTS hero h5.2.8.3350 build 20251216 and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-qtsquts_heroQuTS heroQTS
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2025-53594
Matching Score-6
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-6
Assigner-QNAP Systems, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.11% / 1.65%
||
7 Day CHG~0.00%
Published-02 Jan, 2026 | 15:18
Updated-02 Jan, 2026 | 19:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Qfinder Pro, Qsync, QVPN

A path traversal vulnerability has been reported to affect several product versions. If a local attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following versions: Qfinder Pro Mac 7.13.0 and later Qsync for Mac 5.1.5 and later QVPN Device Client for Mac 2.2.8 and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-QVPN Device Client for MacQsync for MacQfinder Pro Mac
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2021-44052
Matching Score-6
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-6
Assigner-QNAP Systems, Inc.
CVSS Score-6.5||MEDIUM
EPSS-1.49% / 70.89%
||
7 Day CHG+0.09%
Published-05 May, 2022 | 16:50
Updated-16 Sep, 2024 | 22:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Arbitrary file read

An improper link resolution before file access ('Link Following') vulnerability has been reported to affect QNAP device running QuTScloud, QuTS hero, and QTS. If exploited, this vulnerability allows remote attackers to traverse the file system to unintended locations and read or overwrite the contents of unexpected files. We have already fixed this vulnerability in the following versions of QuTScloud, QuTS hero, and QTS: QuTScloud c5.0.1.1998 and later QuTS hero h4.5.4.1971 build 20220310 and later QuTS hero h5.0.0.1986 build 20220324 and later QTS 4.3.4.1976 build 20220303 and later QTS 4.3.3.1945 build 20220303 and later QTS 4.2.6 build 20220304 and later QTS 4.3.6.1965 build 20220302 and later QTS 5.0.0.1986 build 20220324 and later QTS 4.5.4.1991 build 20220329 and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-quts_heroqutscloudqtsQuTScloudQuTS heroQTS
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2020-13095
Matching Score-4
Assigner-Objective Development Software GmbH
ShareView Details
Matching Score-4
Assigner-Objective Development Software GmbH
CVSS Score-8.8||HIGH
EPSS-1.89% / 77.07%
||
7 Day CHG~0.00%
Published-30 Jun, 2020 | 16:33
Updated-04 Aug, 2024 | 12:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Little Snitch version 4.5.1 and older changed ownership of a directory path controlled by the user. This allowed the user to escalate to root by linking the path to a directory containing code executed by root.

Action-Not Available
Vendor-obdevn/a
Product-little_snitchLittle Snitch
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2025-41667
Matching Score-4
Assigner-CERT@VDE
ShareView Details
Matching Score-4
Assigner-CERT@VDE
CVSS Score-8.8||HIGH
EPSS-0.50% / 39.25%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 07:03
Updated-08 Jul, 2025 | 16:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Phoenix Contact: File access due to the replacement of a critical file used by the arp-preinit script

A low privileged remote attacker with file access can replace a critical file used by the arp-preinit script to get read, write and execute access to any file on the device.

Action-Not Available
Vendor-Phoenix Contact GmbH & Co. KG
Product-AXC F 1152AXC F 2152BPC 9102SAXC F 3152RFC 4072S
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2018-10928
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-8.8||HIGH
EPSS-2.70% / 84.11%
||
7 Day CHG~0.00%
Published-04 Sep, 2018 | 15:00
Updated-05 Aug, 2024 | 07:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in RPC request using gfs3_symlink_req in glusterfs server which allows symlink destinations to point to file paths outside of the gluster volume. An authenticated attacker could use this flaw to create arbitrary symlinks pointing anywhere on the server and execute arbitrary code on glusterfs server nodes.

Action-Not Available
Vendor-glusterDebian GNU/LinuxRed Hat, Inc.openSUSE
Product-enterprise_linux_serverdebian_linuxenterprise_linuxvirtualization_hostglusterfsgluster_storageleapglusterfs
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2021-23772
Matching Score-4
Assigner-Snyk
ShareView Details
Matching Score-4
Assigner-Snyk
CVSS Score-7.5||HIGH
EPSS-1.82% / 76.15%
||
7 Day CHG~0.00%
Published-24 Dec, 2021 | 12:05
Updated-16 Sep, 2024 | 20:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Arbitrary File Write

This affects all versions of package github.com/kataras/iris; all versions of package github.com/kataras/iris/v12. The unsafe handling of file names during upload using UploadFormFiles method may enable attackers to write to arbitrary locations outside the designated target folder.

Action-Not Available
Vendor-iris-gon/aGo
Product-goirisgithub.com/kataras/irisgithub.com/kataras/iris/v12
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2023-25152
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.4||HIGH
EPSS-0.68% / 48.00%
||
7 Day CHG~0.00%
Published-08 Feb, 2023 | 18:52
Updated-10 Mar, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Symbolic Link (Symlink) Following in github.com/pterodactyl/wings

Wings is Pterodactyl's server control plane. Affected versions are subject to a vulnerability which can be used to create new files and directory structures on the host system that previously did not exist, potentially allowing attackers to change their resource allocations, promote their containers to privileged mode, or potentially add ssh authorized keys to allow the attacker access to a remote shell on the target machine. In order to use this exploit, an attacker must have an existing "server" allocated and controlled by the Wings Daemon. This vulnerability has been resolved in version `v1.11.3` of the Wings Daemon, and has been back-ported to the 1.7 release series in `v1.7.3`. Anyone running `v1.11.x` should upgrade to `v1.11.3` and anyone running `v1.7.x` should upgrade to `v1.7.3`. There are no known workarounds for this vulnerability. ### Workarounds None at this time.

Action-Not Available
Vendor-Pterodactyl
Product-wingswings
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2020-10947
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-2.02% / 78.57%
||
7 Day CHG~0.00%
Published-17 Apr, 2020 | 12:38
Updated-04 Aug, 2024 | 11:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mac Endpoint for Sophos Central before 9.9.6 and Mac Endpoint for Sophos Home before 2.2.6 allow Privilege Escalation.

Action-Not Available
Vendor-n/aSophos Ltd.
Product-anti-virus_for_sophos_homeanti-virus_for_sophos_centraln/a
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2026-45405
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9||CRITICAL
EPSS-0.29% / 20.70%
||
7 Day CHG~0.00%
Published-26 Jun, 2026 | 16:23
Updated-26 Jun, 2026 | 18:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Dokku: Arbitrary File Write via Tar Symlink Traversal in git:from-archive and certs:add

Dokku is a docker-powered PaaS. Prior to 0.38.2, the git:from-archive and certs:add commands extract user-supplied tar/zip archives into temporary directories without sanitizing member paths or preventing symlink traversal. GNU tar creates symlinks during extraction and follows them for subsequent entries, allowing an attacker to write arbitrary files anywhere writable by the dokku user — including overwriting ~/.ssh/authorized_keys to gain unrestricted shell access. This vulnerability is fixed in 0.38.2.

Action-Not Available
Vendor-dokkudokku
Product-dokkudokku
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2026-41236
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.8||HIGH
EPSS-0.37% / 28.63%
||
7 Day CHG~0.00%
Published-04 Jun, 2026 | 17:52
Updated-08 Jun, 2026 | 16:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Froxlor has privilege escalation in SSH key synchronization via symlinked `authorized_keys` path

Froxlor is open source server administration software. Version 2.3.6 contains a symlink-following flaw in the root-owned SSH key synchronization path used for customer FTP users. The provisioning code appends public keys to `~/.ssh/authorized_keys` under a customer-controlled home directory without verifying that the target path is not a symbolic link. If an attacker controls a shell-enabled customer account and can modify files inside the assigned home directory, the attacker can replace `~/.ssh/authorized_keys` with a symlink to `/root/.ssh/authorized_keys`. When Froxlor's privileged cron task later synchronizes SSH keys, it appends the attacker-supplied key into root's authorized key file, resulting in root SSH access. Version 2.3.7 contains a patch.

Action-Not Available
Vendor-froxlor
Product-froxlor
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2026-34604
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.1||HIGH
EPSS-0.37% / 29.15%
||
7 Day CHG~0.00%
Published-01 Apr, 2026 | 16:05
Updated-07 Apr, 2026 | 19:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
@tinacms/graphql's `FilesystemBridge` Path Validation Can Be Bypassed via Symlinks or Junctions

Tina is a headless content management system. Prior to version 2.2.2, @tinacms/graphql uses string-based path containment checks in FilesystemBridge. That blocks plain ../ traversal, but it does not resolve symlink or junction targets. If a symlink/junction already exists under the allowed content root, a path like content/posts/pivot/owned.md is still considered "inside" the base even though the real filesystem target can be outside it. As a result, FilesystemBridge.get(), put(), delete(), and glob() can operate on files outside the intended root. This issue has been patched in version 2.2.2.

Action-Not Available
Vendor-sswtinacms
Product-tinacms\/graphqltinacms
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2026-33001
Matching Score-4
Assigner-Jenkins Project
ShareView Details
Matching Score-4
Assigner-Jenkins Project
CVSS Score-8.8||HIGH
EPSS-1.16% / 63.31%
||
7 Day CHG+0.41%
Published-18 Mar, 2026 | 15:15
Updated-30 Jun, 2026 | 12:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Jenkins 2.554 and earlier, LTS 2.541.2 and earlier does not safely handle symbolic links during the extraction of .tar and .tar.gz archives, allowing crafted archives to write files to arbitrary locations on the filesystem, restricted only by file system access permissions of the user running Jenkins. This can be exploited to deploy malicious scripts or plugins on the controller by attackers with Item/Configure permission, or able to control agent processes.

Action-Not Available
Vendor-Red Hat, Inc.Jenkins
Product-jenkinsJenkinsOpenShift Developer Tools and Services 4.15OpenShift Developer Tools and Services 4.21OpenShift Developer Tools and Services 4.19Red Hat Developer HubOpenShift Developer Tools and Services 4.16OpenShift Developer Tools and Services 4.13OpenShift Developer Tools and Services 4.14OpenShift Developer Tools and Services 4.17OpenShift Developer Tools and Services 4.12OpenShift Developer Tools and Services 4.2OpenShift Developer Tools and Services 4.18
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2026-32013
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.7||HIGH
EPSS-0.64% / 46.17%
||
7 Day CHG~0.00%
Published-19 Mar, 2026 | 22:06
Updated-23 Jun, 2026 | 16:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OpenClaw < 2026.2.25 - Symlink Traversal in agents.files Methods

OpenClaw versions prior to 2026.2.25 contain a symlink traversal vulnerability in the agents.files.get and agents.files.set methods that allows reading and writing files outside the agent workspace. Attackers can exploit symlinked allowlisted files to access arbitrary host files within gateway process permissions, potentially enabling code execution through file overwrite attacks.

Action-Not Available
Vendor-OpenClaw
Product-openclawOpenClaw
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2023-28872
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.77% / 51.27%
||
7 Day CHG~0.00%
Published-25 Dec, 2023 | 00:00
Updated-27 Aug, 2024 | 20:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Support Assistant in NCP Secure Enterprise Client before 13.10 allows attackers to execute DLL files with SYSTEM privileges by creating a symbolic link from a %LOCALAPPDATA%\Temp\NcpSupport* location.

Action-Not Available
Vendor-ncp-en/a
Product-secure_enterprise_clientn/a
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2025-41668
Matching Score-4
Assigner-CERT@VDE
ShareView Details
Matching Score-4
Assigner-CERT@VDE
CVSS Score-8.8||HIGH
EPSS-0.50% / 39.25%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 07:04
Updated-08 Jul, 2025 | 16:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Phoenix Contact: File access due to the replacement of a critical file used by the service security-profile

A low privileged remote attacker with file access can replace a critical file or folder used by the service security-profile to get read, write and execute access to any file on the device.

Action-Not Available
Vendor-Phoenix Contact GmbH & Co. KG
Product-AXC F 1152AXC F 2152BPC 9102SAXC F 3152RFC 4072S
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2025-41666
Matching Score-4
Assigner-CERT@VDE
ShareView Details
Matching Score-4
Assigner-CERT@VDE
CVSS Score-8.8||HIGH
EPSS-0.50% / 39.25%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 07:03
Updated-08 Jul, 2025 | 16:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Phoenix Contact: File access due to the replacement of a critical file used by the watchdog

A low privileged remote attacker with file access can replace a critical file used by the watchdog to get read, write and execute access to any file on the device after the watchdog has been initialized.

Action-Not Available
Vendor-Phoenix Contact GmbH & Co. KG
Product-AXC F 1152AXC F 2152BPC 9102SAXC F 3152RFC 4072S
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2024-45418
Matching Score-4
Assigner-Zoom Video Communications, Inc.
ShareView Details
Matching Score-4
Assigner-Zoom Video Communications, Inc.
CVSS Score-5.4||MEDIUM
EPSS-0.46% / 36.49%
||
7 Day CHG+0.01%
Published-25 Feb, 2025 | 19:52
Updated-04 Mar, 2025 | 17:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zoom Apps for macOS - Symbolic Link Following

Symlink following in the installer for some Zoom apps for macOS before version 6.1.5 may allow an authenticated user to conduct an escalation of privilege via network access.

Action-Not Available
Vendor-Zoom Communications, Inc.
Product-roomsmeeting_software_development_kitvideo_software_development_kitworkplace_desktopZoom Apps for macOS
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CWE ID-CWE-61
UNIX Symbolic Link (Symlink) Following
CVE-2021-47949
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.7||HIGH
EPSS-0.53% / 41.09%
||
7 Day CHG~0.00%
Published-10 May, 2026 | 12:52
Updated-11 May, 2026 | 12:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CyberPanel 2.1 Authenticated Remote Code Execution via Symlink Attack

CyberPanel 2.1 contains a command execution vulnerability that allows authenticated attackers to read arbitrary files and execute remote code by exploiting symlink attacks through the filemanager controller endpoint. Attackers can manipulate the completeStartingPath parameter in POST requests to /filemanager/controller to create symbolic links, read sensitive files like database credentials, and execute arbitrary shell commands through the /websites/fetchFolderDetails endpoint.

Action-Not Available
Vendor-CyberPersons LLC
Product-CyberPanel
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2020-5738
Matching Score-4
Assigner-Tenable Network Security, Inc.
ShareView Details
Matching Score-4
Assigner-Tenable Network Security, Inc.
CVSS Score-8.8||HIGH
EPSS-5.42% / 91.74%
||
7 Day CHG~0.00%
Published-14 Apr, 2020 | 13:48
Updated-04 Aug, 2024 | 08:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Grandstream GXP1600 series firmware 1.0.4.152 and below is vulnerable to authenticated remote command execution when an attacker uploads a specially crafted tar file to the HTTP /cgi-bin/upload_vpntar interface.

Action-Not Available
Vendor-grandstreamn/a
Product-gxp1628gxp1610gxp1620_firmwaregxp1625gxp1615_firmwaregxp1610_firmwaregxp1628_firmwaregxp1630gxp1615gxp1620gxp1630_firmwaregxp1625_firmwareGrandstream GXP1600 Series
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2024-52535
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-7.1||HIGH
EPSS-0.54% / 41.42%
||
7 Day CHG~0.00%
Published-25 Dec, 2024 | 14:41
Updated-29 Jan, 2025 | 20:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell SupportAssist for Home PCs versions 4.6.1 and prior and Dell SupportAssist for Business PCs versions 4.5.0 and prior, contain a symbolic link (symlink) attack vulnerability in the software remediation component. A low-privileged authenticated user could potentially exploit this vulnerability, gaining privileges escalation, leading to arbitrary deletion of files and folders from the system.

Action-Not Available
Vendor-Dell Inc.
Product-supportassist_for_business_pcssupportassist_for_home_pcsSupportAssist for Home PCsSupportAssist for Business PCs
CWE ID-CWE-61
UNIX Symbolic Link (Symlink) Following
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2023-6069
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-9.9||CRITICAL
EPSS-0.84% / 53.27%
||
7 Day CHG~0.00%
Published-10 Nov, 2023 | 00:00
Updated-02 Aug, 2024 | 08:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Link Resolution Before File Access in froxlor/froxlor

Improper Link Resolution Before File Access in GitHub repository froxlor/froxlor prior to 2.1.0.

Action-Not Available
Vendor-froxlorfroxlor
Product-froxlorfroxlor/froxlor
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2023-4759
Matching Score-4
Assigner-Eclipse Foundation
ShareView Details
Matching Score-4
Assigner-Eclipse Foundation
CVSS Score-8.8||HIGH
EPSS-1.88% / 76.98%
||
7 Day CHG~0.00%
Published-12 Sep, 2023 | 09:12
Updated-07 Aug, 2024 | 17:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper handling of case insensitive filesystems in Eclipse JGit allows arbitrary file write

Arbitrary File Overwrite in Eclipse JGit <= 6.6.0 In Eclipse JGit, all versions <= 6.6.0.202305301015-r, a symbolic link present in a specially crafted git repository can be used to write a file to locations outside the working tree when this repository is cloned with JGit to a case-insensitive filesystem, or when a checkout from a clone of such a repository is performed on a case-insensitive filesystem. This can happen on checkout (DirCacheCheckout), merge (ResolveMerger via its WorkingTreeUpdater), pull (PullCommand using merge), and when applying a patch (PatchApplier). This can be exploited for remote code execution (RCE), for instance if the file written outside the working tree is a git filter that gets executed on a subsequent git command. The issue occurs only on case-insensitive filesystems, like the default filesystems on Windows and macOS. The user performing the clone or checkout must have the rights to create symbolic links for the problem to occur, and symbolic links must be enabled in the git configuration. Setting git configuration option core.symlinks = false before checking out avoids the problem. The issue was fixed in Eclipse JGit version 6.6.1.202309021850-r and 6.7.0.202309050840-r, available via Maven Central https://repo1.maven.org/maven2/org/eclipse/jgit/  and repo.eclipse.org https://repo.eclipse.org/content/repositories/jgit-releases/ . A backport is available in 5.13.3 starting from 5.13.3.202401111512-r. The JGit maintainers would like to thank RyotaK for finding and reporting this issue.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationEclipse Foundation AISBL
Product-jgitwindowsmacosEclipse JGitjgit
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CWE ID-CWE-178
Improper Handling of Case Sensitivity
CVE-2020-15932
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-3.25% / 86.83%
||
7 Day CHG~0.00%
Published-24 Jul, 2020 | 16:15
Updated-04 Aug, 2024 | 13:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Overwolf before 0.149.2.30 mishandles Symbolic Links during updates, causing elevation of privileges.

Action-Not Available
Vendor-overwolfn/a
Product-overwolfn/a
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2017-2916
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.9||CRITICAL
EPSS-2.25% / 80.78%
||
7 Day CHG~0.00%
Published-07 Nov, 2017 | 16:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable vulnerability exists in the /api/CONFIG/restore functionality of Circle with Disney running firmware 2.0.1. Specially crafted network packets can cause an arbitrary file to be overwritten. An attacker can send an HTTP request to trigger this vulnerability.

Action-Not Available
Vendor-meetcircleCircle Media
Product-circle_with_disney_firmwarecircle_with_disneyCircle
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
  • Previous
  • 1
  • 2
  • Next
Details not found