Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-58467

Summary
Assigner-qnap
Assigner Org ID-2fd009eb-170a-4625-932b-17a53af1051f
Published At-11 Feb, 2026 | 12:16
Updated At-11 Feb, 2026 | 16:54
Rejected At-
Credits

Qsync Central

A relative path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and later

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:qnap
Assigner Org ID:2fd009eb-170a-4625-932b-17a53af1051f
Published At:11 Feb, 2026 | 12:16
Updated At:11 Feb, 2026 | 16:54
Rejected At:
▼CVE Numbering Authority (CNA)
Qsync Central

A relative path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and later

Affected Products
Vendor
QNAP Systems, Inc.QNAP Systems Inc.
Product
Qsync Central
Default Status
unaffected
Versions
Affected
  • From 5.0.x.x before 5.0.0.4 ( 2026/01/20 ) (custom)
Problem Types
TypeCWE IDDescription
CWECWE-23CWE-23
Type: CWE
CWE ID: CWE-23
Description: CWE-23
Metrics
VersionBase scoreBase severityVector
4.01.3LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U
Version: 4.0
Base score: 1.3
Base severity: LOW
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-139CAPEC-139
CAPEC ID: CAPEC-139
Description: CAPEC-139
Solutions

We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and later

Configurations
Workarounds
Exploits
Credits
finder
coral
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.qnap.com/en/security-advisory/qsa-26-02
N/A
Hyperlink: https://www.qnap.com/en/security-advisory/qsa-26-02
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security@qnapsecurity.com.tw
Published At:11 Feb, 2026 | 13:15
Updated At:12 Feb, 2026 | 14:40

A relative path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and later

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.01.3LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary3.16.5MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Type: Secondary
Version: 4.0
Base score: 1.3
Base severity: LOW
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Primary
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CPE Matches
QNAP Systems, Inc.
qnap
>>qsync_central>>Versions from 5.0.0.0(inclusive) to 5.0.0.4(exclusive)
cpe:2.3:a:qnap:qsync_central:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-23Primarysecurity@qnapsecurity.com.tw
CWE ID: CWE-23
Type: Primary
Source: security@qnapsecurity.com.tw
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.qnap.com/en/security-advisory/qsa-26-02security@qnapsecurity.com.tw
Vendor Advisory
Hyperlink: https://www.qnap.com/en/security-advisory/qsa-26-02
Source: security@qnapsecurity.com.tw
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

56Records found
CVE-2021-44052
Matching Score-8
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-8
Assigner-QNAP Systems, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.43% / 62.21%
||
7 Day CHG~0.00%
Published-05 May, 2022 | 16:50
Updated-16 Sep, 2024 | 22:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Arbitrary file read

An improper link resolution before file access ('Link Following') vulnerability has been reported to affect QNAP device running QuTScloud, QuTS hero, and QTS. If exploited, this vulnerability allows remote attackers to traverse the file system to unintended locations and read or overwrite the contents of unexpected files. We have already fixed this vulnerability in the following versions of QuTScloud, QuTS hero, and QTS: QuTScloud c5.0.1.1998 and later QuTS hero h4.5.4.1971 build 20220310 and later QuTS hero h5.0.0.1986 build 20220324 and later QTS 4.3.4.1976 build 20220303 and later QTS 4.3.3.1945 build 20220303 and later QTS 4.2.6 build 20220304 and later QTS 4.3.6.1965 build 20220302 and later QTS 5.0.0.1986 build 20220324 and later QTS 4.5.4.1991 build 20220329 and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-quts_heroqutscloudqtsQuTScloudQuTS heroQTS
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2024-21904
Matching Score-8
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-8
Assigner-QNAP Systems, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.38% / 58.64%
||
7 Day CHG~0.00%
Published-06 Sep, 2024 | 16:26
Updated-11 Sep, 2024 | 13:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
QTS, QuTS hero

A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.7.2770 build 20240520 and later QuTS hero h5.1.7.2770 build 20240520 and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-quts_heroqtsQuTS heroQTS
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2026-22894
Matching Score-8
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-8
Assigner-QNAP Systems, Inc.
CVSS Score-1.3||LOW
EPSS-0.24% / 47.09%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 12:15
Updated-12 Feb, 2026 | 19:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
File Station 5

A path traversal vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5190 and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-file_stationFile Station 5
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2018-19947
Matching Score-8
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-8
Assigner-QNAP Systems, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.31% / 53.80%
||
7 Day CHG~0.00%
Published-11 Sep, 2020 | 14:14
Updated-05 Aug, 2024 | 11:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The vulnerability have been reported to affect earlier versions of Helpdesk. If exploited, this information exposure vulnerability could disclose sensitive information. QNAP has already fixed the issue in Helpdesk 3.0.3 and later.

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-helpdeskHelpdesk
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE ID-CWE-209
Generation of Error Message Containing Sensitive Information
CWE ID-CWE-210
Self-generated Error Message Containing Sensitive Information
CVE-2025-68406
Matching Score-8
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-8
Assigner-QNAP Systems, Inc.
CVSS Score-1.3||LOW
EPSS-0.24% / 47.09%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 12:15
Updated-12 Feb, 2026 | 14:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Qsync Central

A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-qsync_centralQsync Central
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2025-66278
Matching Score-8
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-8
Assigner-QNAP Systems, Inc.
CVSS Score-1.3||LOW
EPSS-0.24% / 47.09%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 12:15
Updated-12 Feb, 2026 | 19:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
File Station 5

A path traversal vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5190 and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-file_stationFile Station 5
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2025-62853
Matching Score-8
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-8
Assigner-QNAP Systems, Inc.
CVSS Score-5.2||MEDIUM
EPSS-0.07% / 20.93%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 12:16
Updated-12 Feb, 2026 | 19:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
File Station 5

A path traversal vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5166 and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-file_stationFile Station 5
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2025-58470
Matching Score-8
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-8
Assigner-QNAP Systems, Inc.
CVSS Score-1.3||LOW
EPSS-0.24% / 47.09%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 12:16
Updated-12 Feb, 2026 | 14:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Qsync Central

A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-qsync_centralQsync Central
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2025-57712
Matching Score-8
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-8
Assigner-QNAP Systems, Inc.
CVSS Score-4||MEDIUM
EPSS-0.08% / 23.24%
||
7 Day CHG~0.00%
Published-07 Nov, 2025 | 15:11
Updated-14 Nov, 2025 | 20:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Qsync Central

A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.3 ( 2025/08/28 ) and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-qsync_centralQsync Central
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2025-54170
Matching Score-8
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-8
Assigner-QNAP Systems, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.05% / 14.25%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 12:17
Updated-12 Feb, 2026 | 14:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Qsync Central

An out-of-bounds read vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-qsync_centralQsync Central
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-54169
Matching Score-8
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-8
Assigner-QNAP Systems, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.15% / 35.10%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 12:17
Updated-12 Feb, 2026 | 19:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
File Station 5

An out-of-bounds read vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5068 and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-file_stationFile Station 5
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-54152
Matching Score-8
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-8
Assigner-QNAP Systems, Inc.
CVSS Score-1.3||LOW
EPSS-0.05% / 14.25%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 12:18
Updated-12 Feb, 2026 | 13:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Qsync Central

A use of out-of-range pointer offset vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read sensitive portions of memory. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-qsync_centralQsync Central
CWE ID-CWE-823
Use of Out-of-range Pointer Offset
CVE-2025-52863
Matching Score-8
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-8
Assigner-QNAP Systems, Inc.
CVSS Score-1.3||LOW
EPSS-0.12% / 31.74%
||
7 Day CHG~0.00%
Published-02 Jan, 2026 | 14:53
Updated-05 Jan, 2026 | 20:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
QTS, QuTS hero

A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and later QuTS hero h5.2.7.3256 build 20250913 and later QuTS hero h5.3.0.3192 build 20250716 and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-qtsquts_heroQTSQuTS hero
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-52864
Matching Score-8
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-8
Assigner-QNAP Systems, Inc.
CVSS Score-1.3||LOW
EPSS-0.12% / 31.74%
||
7 Day CHG~0.00%
Published-02 Jan, 2026 | 14:54
Updated-05 Jan, 2026 | 20:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
QTS, QuTS hero

A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and later QuTS hero h5.2.7.3256 build 20250913 and later QuTS hero h5.3.0.3192 build 20250716 and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-qtsquts_heroQTSQuTS hero
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-52872
Matching Score-8
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-8
Assigner-QNAP Systems, Inc.
CVSS Score-1.3||LOW
EPSS-0.12% / 31.74%
||
7 Day CHG~0.00%
Published-02 Jan, 2026 | 14:54
Updated-05 Jan, 2026 | 20:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
QTS, QuTS hero

A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and later QuTS hero h5.2.7.3256 build 20250913 and later QuTS hero h5.3.0.3192 build 20250716 and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-qtsquts_heroQTSQuTS hero
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-51366
Matching Score-8
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-8
Assigner-QNAP Systems, Inc.
CVSS Score-8.7||HIGH
EPSS-0.28% / 51.08%
||
7 Day CHG~0.00%
Published-06 Sep, 2024 | 16:26
Updated-11 Sep, 2024 | 13:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
QTS, QuTS hero

A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build 20240402 and later QuTS hero h5.1.6.2734 build 20240414 and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-quts_heroqtsQuTS heroQTS
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2025-52871
Matching Score-8
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-8
Assigner-QNAP Systems, Inc.
CVSS Score-1.3||LOW
EPSS-0.05% / 16.73%
||
7 Day CHG~0.00%
Published-02 Jan, 2026 | 15:18
Updated-05 Jan, 2026 | 20:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
License Center

An out-of-bounds read vulnerability has been reported to affect License Center. If a remote attacker gains a user account, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following version: License Center 2.0.36 and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-license_centerLicense Center
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-33034
Matching Score-8
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-8
Assigner-QNAP Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.09% / 24.93%
||
7 Day CHG~0.00%
Published-03 Oct, 2025 | 18:08
Updated-07 Oct, 2025 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Qsync Central

A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.1 ( 2025/07/09 ) and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-qsync_centralQsync Central
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2025-33036
Matching Score-8
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-8
Assigner-QNAP Systems, Inc.
CVSS Score-7.2||HIGH
EPSS-0.06% / 18.70%
||
7 Day CHG+0.01%
Published-29 Aug, 2025 | 17:17
Updated-19 Sep, 2025 | 17:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Qsync Central

A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.7 ( 2025/04/23 ) and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-qsync_centralQsync Central
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2025-33035
Matching Score-8
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-8
Assigner-QNAP Systems, Inc.
CVSS Score-7.2||HIGH
EPSS-0.07% / 21.40%
||
7 Day CHG~0.00%
Published-06 Jun, 2025 | 15:52
Updated-17 Sep, 2025 | 18:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
File Station 5

A path traversal vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4847 and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-file_stationFile Station 5
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2025-33038
Matching Score-8
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-8
Assigner-QNAP Systems, Inc.
CVSS Score-7.2||HIGH
EPSS-0.06% / 18.70%
||
7 Day CHG+0.01%
Published-29 Aug, 2025 | 17:17
Updated-19 Sep, 2025 | 17:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Qsync Central

A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.7 ( 2025/04/23 ) and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-qsync_centralQsync Central
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2025-33033
Matching Score-8
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-8
Assigner-QNAP Systems, Inc.
CVSS Score-7.2||HIGH
EPSS-0.06% / 18.70%
||
7 Day CHG+0.01%
Published-29 Aug, 2025 | 17:16
Updated-19 Sep, 2025 | 17:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Qsync Central

A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.7 ( 2025/04/23 ) and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-qsync_centralQsync Central
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2025-33037
Matching Score-8
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-8
Assigner-QNAP Systems, Inc.
CVSS Score-7.2||HIGH
EPSS-0.06% / 18.70%
||
7 Day CHG+0.01%
Published-29 Aug, 2025 | 17:17
Updated-19 Sep, 2025 | 17:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Qsync Central

A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.7 ( 2025/04/23 ) and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-qsync_centralQsync Central
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2023-23365
Matching Score-8
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-8
Assigner-QNAP Systems, Inc.
CVSS Score-7.7||HIGH
EPSS-0.15% / 35.26%
||
7 Day CHG~0.00%
Published-06 Oct, 2023 | 16:33
Updated-19 Sep, 2024 | 15:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Music Station

A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following version: Music Station 5.3.22 and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-music_stationMusic Station
CWE ID-CWE-552
Files or Directories Accessible to External Parties
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2023-23366
Matching Score-8
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-8
Assigner-QNAP Systems, Inc.
CVSS Score-7.7||HIGH
EPSS-0.15% / 35.26%
||
7 Day CHG~0.00%
Published-06 Oct, 2023 | 16:34
Updated-19 Sep, 2024 | 15:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Music Station

A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following version: Music Station 5.3.22 and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-music_stationMusic Station
CWE ID-CWE-552
Files or Directories Accessible to External Parties
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2021-28798
Matching Score-6
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-6
Assigner-QNAP Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.40% / 60.11%
||
7 Day CHG~0.00%
Published-21 May, 2021 | 03:00
Updated-16 Sep, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Relative Path Traversal Vulnerability in QTS and QuTS hero

A relative path traversal vulnerability has been reported to affect QNAP NAS running QTS and QuTS hero. If exploited, this vulnerability allows attackers to modify files that impact system integrity. QNAP have already fixed this vulnerability in the following versions: QTS 4.5.2.1630 Build 20210406 and later QTS 4.3.6.1663 Build 20210504 and later QTS 4.3.3.1624 Build 20210416 and later QuTS hero h4.5.2.1638 Build 20210414 and later QNAP NAS running QTS 4.5.3 are not affected.

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-quts_heroqtsQuTS heroQTS
CWE ID-CWE-23
Relative Path Traversal
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2025-58464
Matching Score-6
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-6
Assigner-QNAP Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.08% / 23.39%
||
7 Day CHG~0.00%
Published-07 Nov, 2025 | 15:10
Updated-14 Nov, 2025 | 20:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
QuMagie

A relative path traversal vulnerability has been reported to affect QuMagie. If a remote attacker, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: QuMagie 2.7.3 and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-qumagieQuMagie
CWE ID-CWE-23
Relative Path Traversal
CVE-2025-58463
Matching Score-6
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-6
Assigner-QNAP Systems, Inc.
CVSS Score-2.3||LOW
EPSS-0.07% / 21.98%
||
7 Day CHG~0.00%
Published-07 Nov, 2025 | 15:10
Updated-17 Nov, 2025 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Download Station

A relative path traversal vulnerability has been reported to affect Download Station. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following versions: Download Station 5.10.0.305 ( 2025/09/16 ) and later Download Station 5.10.0.304 ( 2025/09/08 ) and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-download_stationqtsquts_heroDownload Station
CWE ID-CWE-23
Relative Path Traversal
CVE-2021-4459
Matching Score-4
Assigner-CERT@VDE
ShareView Details
Matching Score-4
Assigner-CERT@VDE
CVSS Score-6.5||MEDIUM
EPSS-0.06% / 18.70%
||
7 Day CHG~0.00%
Published-27 Aug, 2025 | 08:00
Updated-27 Aug, 2025 | 16:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SMA: Directory Traversal in Sunny Boy <3.10.27.R

An authorized remote attacker can access files and directories outside the intended web root, potentially exposing sensitive system information of the affected Sunny Boy devices.

Action-Not Available
Vendor-SMA
Product-Boy 3.6Boy 3.0Boy 4.0Boy 5.0Boy 6.0
CWE ID-CWE-23
Relative Path Traversal
CVE-2021-41178
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.8||HIGH
EPSS-0.87% / 74.72%
||
7 Day CHG~0.00%
Published-25 Oct, 2021 | 21:55
Updated-04 Aug, 2024 | 02:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
File Traversal affecting SVG files on Nextcloud Server

Nextcloud is an open-source, self-hosted productivity platform. Prior to versions 20.0.13, 21.0.5, and 22.2.0, a file traversal vulnerability makes an attacker able to download arbitrary SVG images from the host system, including user provided files. This could also be leveraged into a XSS/phishing attack, an attacker could upload a malicious SVG file that mimics the Nextcloud login form and send a specially crafted link to victims. The XSS risk here is mitigated due to the fact that Nextcloud employs a strict Content-Security-Policy disallowing execution of arbitrary JavaScript. It is recommended that the Nextcloud Server be upgraded to 20.0.13, 21.0.5 or 22.2.0. There are no known workarounds aside from upgrading.

Action-Not Available
Vendor-Nextcloud GmbH
Product-serversecurity-advisories
CWE ID-CWE-23
Relative Path Traversal
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2024-38258
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.91% / 75.45%
||
7 Day CHG~0.00%
Published-10 Sep, 2024 | 16:54
Updated-31 Dec, 2024 | 23:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Remote Desktop Licensing Service Information Disclosure Vulnerability

Windows Remote Desktop Licensing Service Information Disclosure Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2022_23h2windows_server_2016windows_server_2012windows_server_2022windows_server_2019windows_server_2008Windows Server 2022Windows Server 2008 R2 Service Pack 1Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2008 Service Pack 2Windows Server 2012 R2Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2016 (Server Core installation)Windows Server 2008 Service Pack 2Windows Server 2012Windows Server 2012 (Server Core installation)Windows Server 2019Windows Server 2012 R2 (Server Core installation)Windows Server 2016
CWE ID-CWE-23
Relative Path Traversal
CVE-2024-36362
Matching Score-4
Assigner-JetBrains s.r.o.
ShareView Details
Matching Score-4
Assigner-JetBrains s.r.o.
CVSS Score-6.5||MEDIUM
EPSS-0.01% / 0.71%
||
7 Day CHG~0.00%
Published-29 May, 2024 | 13:28
Updated-16 Dec, 2024 | 15:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5, 2024.03.2 path traversal allowing to read files from server was possible

Action-Not Available
Vendor-JetBrains s.r.o.
Product-teamcityTeamCity
CWE ID-CWE-23
Relative Path Traversal
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2023-37288
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-6.5||MEDIUM
EPSS-0.20% / 42.14%
||
7 Day CHG~0.00%
Published-10 Jul, 2023 | 00:00
Updated-13 Feb, 2025 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SmartBPM.NET - Path Traversal

SmartBPM.NET component has a vulnerability of path traversal within its file download function. An unauthenticated remote attacker can exploit this vulnerability to access arbitrary system files.

Action-Not Available
Vendor-smartsoftSmartSoft
Product-smartbpm.netSmartBPM.NET
CWE ID-CWE-23
Relative Path Traversal
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2019-18338
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-7.7||HIGH
EPSS-0.76% / 72.82%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 19:08
Updated-15 Nov, 2024 | 14:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The Control Center Server (CCS) contains a directory traversal vulnerability in its XML-based communication protocol as provided by default on ports 5444/tcp and 5440/tcp. An authenticated remote attacker with network access to the CCS server could exploit this vulnerability to list arbitrary directories or read files outside of the CCS application context.

Action-Not Available
Vendor-Siemens AG
Product-sinvr_3_video_serversinvr_3_central_control_serverControl Center Server (CCS)
CWE ID-CWE-23
Relative Path Traversal
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2019-19287
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-6.5||MEDIUM
EPSS-0.17% / 38.69%
||
7 Day CHG~0.00%
Published-14 Dec, 2020 | 21:05
Updated-05 Aug, 2024 | 02:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow attackers to traverse through the file system of the server based by sending specially crafted packets over the network without authentication.

Action-Not Available
Vendor-Siemens AG
Product-xhqXHQ
CWE ID-CWE-23
Relative Path Traversal
CVE-2023-20066
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.47% / 63.90%
||
7 Day CHG~0.00%
Published-23 Mar, 2023 | 00:00
Updated-25 Oct, 2024 | 16:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software Web UI Path Traversal Vulnerability

A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform a directory traversal and access resources that are outside the filesystem mountpoint of the web UI. This vulnerability is due to an insufficient security configuration. An attacker could exploit this vulnerability by sending a crafted request to the web UI. A successful exploit could allow the attacker to gain read access to files that are outside the filesystem mountpoint of the web UI. Note: These files are located on a restricted filesystem that is maintained for the web UI. There is no ability to write to any files on this filesystem.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-asr_920-10sz-pdcatalyst_3850asr_907catalyst_9500hcatalyst_3850-16xs-scatalyst_3850-48pw-sasr_1000-esp200-xcatalyst_9300l-24t-4x-acatalyst_9300-48un-e4331_integrated_services_routercg522-easr_90064461_integrated_services_routercatalyst_9300-48p-acatalyst_9300-24s-aasr_901s-3sg-f-dasr_1000-esp100-xcatalyst_9300l-48t-4x-aasr_920-12sz-imcatalyst_8300catalyst_8500-4qccatalyst_3850-48u-lcatalyst_9800-80_wireless_controlleress-3300-ncp-acatalyst_8300-1n1s-6t8101-32fhcatalyst_9300l-24t-4g-easr_920-12cz-a_rcatalyst_3850-48xscatalyst_9800-clcatalyst_9300-48p-e1131_integrated_services_routercatalyst_9300-48t-ecatalyst_9600xcatalyst_3850-24xu-eess-3300-24t-con-e9800-40catalyst_9600catalyst_3850-48u-scatalyst_3850-16xs-ecatalyst_8510msrcatalyst_9200lcatalyst_3850-24xucatalyst_9300-48uxm-e1109_integrated_services_routercatalyst_9400catalyst_3850-48t-l1100-4g_integrated_services_router1111x_integrated_services_routercatalyst_9600_supervisor_engine-1ess-3300-24t-con-acatalyst_9800-40catalyst_9300l-48p-4x-acatalyst_9800catalyst_9300-48u-aasr_902u1100-4p_integrated_services_routerasr_903asr_9920asr_9906catalyst_ie3200_rugged_switchcatalyst_3850-48t-ecg418-e1101_integrated_services_routerasr_920-24tz-m_r8101-32hasr_920-24sz-m_ress-3300-24t-ncp-acatalyst_3850-12s-sasr_9010asr_920-4sz-d_rcatalyst_3850-24u-sasr_99021100_integrated_services_routerasr_901-4c-ft-dcatalyst_9300l-24t-4x-ecatalyst_9800-40_wireless_controllerasr_1002-hx_rasr_1006-xasr_920-12cz-acatalyst_9300l-24p-4g-aess-3300-24t-ncp-easr_901-12c-ft-dcatalyst_9300l-24p-4x-ecatalyst_9300-24ux-acatalyst_3850-32xs-scatalyst_9500asr_9001asr_901s-3sg-f-ah4221_integrated_services_routercatalyst_3850-48f-lcatalyst_3850-24xu-lcatalyst_ie3400_heavy_duty_switchcatalyst_3850-24s-scatalyst_9300-48s-easr_1002-xasr_920-12cz-d_r8800_18-slotcatalyst_9300lcatalyst_ie3400_rugged_switch4451-x_integrated_services_routercatalyst_3850-48p-scatalyst_ie9300catalyst_8510csrasr_1002-hx1109-2p_integrated_services_routercatalyst_9200cxasr_920-10sz-pd_rcatalyst_8200asr_1000-esp100catalyst_9300-48t-acatalyst_3850-12s-ecatalyst_8500asr_920u-12sz-im8831catalyst_3850-24t-easr_900asr_901-6cz-ft-a4321_integrated_services_routercatalyst_3850-24xs-scatalyst_8300-1n1s-4t2x8804catalyst_ie3300_rugged_switchasr_1000catalyst_3850-48p-lcatalyst_8300-2n2s-4t2xasr_920-12sz-im_r88081100-8p_integrated_services_routercatalyst_9410rcatalyst_3850-nm-8-10gasr_901-12c-f-dcatalyst_3850-12xs-easr_901s-2sg-f-ahcatalyst_8540csrcatalyst_3850-32xs-e1100-6g_integrated_services_routercatalyst_3850-12xs-scatalyst_3850-24s-ecatalyst_9300l-48p-4g-ecatalyst_9300l-48t-4g-easr_9148202catalyst_3850-24p-scatalyst_3850-24u9800-lcatalyst_9300l_stackasr_920-12cz-dcatalyst_9300l-24p-4g-easr_920-4sz-d111x_integrated_services_routercatalyst_9800-l8201-32fhasr_1013catalyst_8540msrasr_920-24sz-imcatalyst_3850-nm-2-40gcbr-8catalyst_9300lmcatalyst_9300-24t-easr_9000vcatalyst_3850-48t-scatalyst_9407rcatalyst_3850-24pw-scatalyst_3850-24t-scatalyst_3850-24t-lcatalyst_3850-48u-ecatalyst_9800_embedded_wireless_controllercatalyst_9200catalyst_9300l-48p-4g-a1160_integrated_services_routercatalyst_9300l-48t-4g-aasr_920-24sz-mintegrated_services_virtual_routerasr_920-4sz-acatalyst_ie3200catalyst_3850-48p-ecatalyst_9800-80catalyst_8300-2n2s-6tasr_920-4sz-a_rcatalyst_9300l-48p-4x-eess-3300-con-aasr_901-6cz-ft-dasr_901-6cz-f-dess-3300-ncp-easr_9000catalyst_8500lcatalyst_9300-24s-ecatalyst_9300-48u-e1101-4p_integrated_services_routercatalyst_9300-48s-acatalyst_3850-24p-easr_1006catalyst_3850-48xs-f-scatalyst_9300-24t-acatalyst_9300l-24p-4x-acatalyst_9300asr_920-24sz-im_rcatalyst_3850-24xu-s4451_integrated_services_routerasr_9901catalyst_3850-24xs-ecatalyst_9400_supervisor_engine-1ess-3300-con-ecatalyst_ie3400catalyst_3850-24u-lcatalyst_9300l-24t-4g-a9800-clcatalyst_3850-48f-sasr_901-4c-f-d8800_8-slotasr_1001-hx_rcatalyst_9800-l-ccatalyst_3850-48f-e4000_integrated_services_router1000_integrated_services_routercatalyst_9300-48uxm-aasr_102388128818catalyst_9300-24p-aasr_1001esr6300catalyst_3850-48xs-easr_9904catalyst_9300-24u-acatalyst_3850-48uasr_1001-hxcatalyst_ie33008102-64hasr_1009-x8201catalyst_9300-24u-easr_901-6cz-f-acatalyst_3850-12x48ucatalyst_9300xcatalyst_9300-48un-aasr_1001-x_rasr_901-6cz-fs-dcatalyst_9300-24p-easr_1002-x_rasr_901s-4sg-f-dcatalyst_3850-48xs-f-easr_1002catalyst_9800-l-fasr_902asr_1004catalyst_9300l-48t-4x-ecatalyst_3850-24p-l1120_integrated_services_routercatalyst_3850-24xsasr_99038800_4-slotess9300-10x-e4431_integrated_services_router9800-80asr_901-6cz-fs-acatalyst_3850-24u-ecatalyst_3850-48xs-sios_xe1111x-8p_integrated_services_routerasr_9910asr_9912asr_99221109-4p_integrated_services_router8800_12-slotasr_1001-xasr_901s-2sg-f-dcatalyst_9300-24ux-e4351_integrated_services_routerasr_920-24tz-mCisco IOS XE Software
CWE ID-CWE-23
Relative Path Traversal
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2016-20023
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.06% / 17.76%
||
7 Day CHG+0.01%
Published-05 Dec, 2025 | 00:00
Updated-17 Dec, 2025 | 16:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In CKSource CKFinder before 2.5.0.1 for ASP.NET, authenticated users could download any file from the server if the correct path to a file was provided.

Action-Not Available
Vendor-cksourceCKSource
Product-ckfinderCKFinder
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE ID-CWE-23
Relative Path Traversal
CVE-2021-32954
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-6.5||MEDIUM
EPSS-0.21% / 43.11%
||
7 Day CHG~0.00%
Published-18 Jun, 2021 | 13:53
Updated-03 Aug, 2024 | 23:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Advantech WebAccess/SCADA Versions 9.0.1 and prior is vulnerable to a directory traversal, which may allow an attacker to remotely read arbitrary files on the file system.

Action-Not Available
Vendor-n/aAdvantech (Advantech Co., Ltd.)
Product-webaccess\/scadaAdvantech WebAccess/SCADA
CWE ID-CWE-23
Relative Path Traversal
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2022-3162
Matching Score-4
Assigner-Kubernetes
ShareView Details
Matching Score-4
Assigner-Kubernetes
CVSS Score-6.5||MEDIUM
EPSS-0.85% / 74.42%
||
7 Day CHG~0.00%
Published-01 Mar, 2023 | 00:00
Updated-07 Mar, 2025 | 18:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unauthorized read of Custom Resources

Users authorized to list or watch one type of namespaced custom resource cluster-wide can read custom resources of a different type in the same API group without authorization. Clusters are impacted by this vulnerability if all of the following are true: 1. There are 2+ CustomResourceDefinitions sharing the same API group 2. Users have cluster-wide list or watch authorization on one of those custom resources. 3. The same users are not authorized to read another custom resource in the same API group.

Action-Not Available
Vendor-Kubernetes
Product-kubernetesKubernetes
CWE ID-CWE-23
Relative Path Traversal
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2024-22096
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-6.5||MEDIUM
EPSS-0.09% / 26.08%
||
7 Day CHG~0.00%
Published-01 Feb, 2024 | 23:15
Updated-09 May, 2025 | 19:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Relative Path Traversal in Rapid SCADA

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can append path traversal characters to the filename when using a specific command, allowing them to read arbitrary files from the system.

Action-Not Available
Vendor-rapidscadaRapid Software LLC
Product-rapid_scadaRapid SCADA
CWE ID-CWE-23
Relative Path Traversal
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2024-49062
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-6.5||MEDIUM
EPSS-1.03% / 76.99%
||
7 Day CHG~0.00%
Published-10 Dec, 2024 | 17:49
Updated-13 May, 2025 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft SharePoint Information Disclosure Vulnerability

Microsoft SharePoint Information Disclosure Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-sharepoint_serverMicrosoft SharePoint Enterprise Server 2016Microsoft SharePoint Server 2019Microsoft SharePoint Server Subscription Edition
CWE ID-CWE-23
Relative Path Traversal
CVE-2022-30300
Matching Score-4
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-4
Assigner-Fortinet, Inc.
CVSS Score-6.2||MEDIUM
EPSS-0.68% / 71.11%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 18:05
Updated-22 Oct, 2024 | 20:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A relative path traversal vulnerability [CWE-23] in FortiWeb 7.0.0 through 7.0.1, 6.3.6 through 6.3.18, 6.4 all versions may allow an authenticated attacker to obtain unauthorized access to files and data via specifically crafted HTTP GET requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwebFortiWeb
CWE ID-CWE-23
Relative Path Traversal
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2024-0550
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-9.6||CRITICAL
EPSS-0.72% / 72.00%
||
7 Day CHG~0.00%
Published-28 Feb, 2024 | 04:52
Updated-10 Jan, 2025 | 15:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Privileged User using traversal to read system files

A user who is privileged already `manager` or `admin` can set their profile picture via the frontend API using a relative filepath to then user the PFP GET API to download any valid files. The attacker would have to have been granted privileged permissions to the system before executing this attack.

Action-Not Available
Vendor-mintplexlabsmintplex-labsmintplexlabs
Product-anythingllmmintplex-labs/anything-llmanythingllm
CWE ID-CWE-23
Relative Path Traversal
CVE-2025-59682
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-3.1||LOW
EPSS-0.04% / 11.24%
||
7 Day CHG~0.00%
Published-01 Oct, 2025 | 00:00
Updated-04 Nov, 2025 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. The django.utils.archive.extract() function, used by the "startapp --template" and "startproject --template" commands, allows partial directory traversal via an archive with file paths sharing a common prefix with the target directory.

Action-Not Available
Vendor-Django
Product-djangoDjango
CWE ID-CWE-23
Relative Path Traversal
CVE-2022-2139
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-6.5||MEDIUM
EPSS-0.38% / 59.16%
||
7 Day CHG~0.00%
Published-22 Jul, 2022 | 14:58
Updated-16 Apr, 2025 | 16:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Advantech iView

The affected product is vulnerable to directory traversal, which may allow an attacker to access unauthorized files and execute arbitrary code.

Action-Not Available
Vendor-Advantech (Advantech Co., Ltd.)
Product-iviewiView
CWE ID-CWE-23
Relative Path Traversal
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2022-20790
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.64% / 69.98%
||
7 Day CHG~0.00%
Published-21 Apr, 2022 | 18:50
Updated-06 Nov, 2024 | 16:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Unified Communications Products Arbitrary File Read Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to read arbitrary files from the underlying operating system. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request that contains directory traversal character sequences to an affected system. A successful exploit could allow the attacker to access sensitive files on the underlying operating system.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-unified_communications_managerCisco Unified Communications Manager
CWE ID-CWE-23
Relative Path Traversal
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2021-22674
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-6.5||MEDIUM
EPSS-0.31% / 53.93%
||
7 Day CHG~0.00%
Published-10 Aug, 2021 | 14:00
Updated-03 Aug, 2024 | 18:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The affected product is vulnerable to a relative path traversal condition, which may allow an attacker access to unauthorized files and directories on the WebAccess/SCADA (WebAccess/SCADA versions prior to 8.4.5, WebAccess/SCADA versions prior to 9.0.1).

Action-Not Available
Vendor-n/aAdvantech (Advantech Co., Ltd.)
Product-webaccess\/scadaWebAccess/SCADA
CWE ID-CWE-23
Relative Path Traversal
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2021-22870
Matching Score-4
Assigner-GitHub, Inc. (Products Only)
ShareView Details
Matching Score-4
Assigner-GitHub, Inc. (Products Only)
CVSS Score-6.5||MEDIUM
EPSS-0.46% / 63.41%
||
7 Day CHG~0.00%
Published-10 Nov, 2021 | 01:55
Updated-03 Aug, 2024 | 18:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Path traversal in GitHub Enterprise Server hosted Pages leads to unauthorized file read access

A path traversal vulnerability was identified in GitHub Pages builds on GitHub Enterprise Server that could allow an attacker to read system files. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.3 and was fixed in versions 3.0.19, 3.1.11, and 3.2.3. This vulnerability was reported via the GitHub Bug Bounty program.

Action-Not Available
Vendor-GitHub, Inc.
Product-enterprise_serverGitHub Enterprise Server
CWE ID-CWE-23
Relative Path Traversal
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2025-13771
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-7.1||HIGH
EPSS-0.07% / 22.11%
||
7 Day CHG~0.00%
Published-28 Nov, 2025 | 07:49
Updated-01 Dec, 2025 | 14:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Uniong|WebITR - Arbitrary File Read

WebITR developed by Uniong has an Arbitrary File Read vulnerability, allowing authenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files.

Action-Not Available
Vendor-uniongUniong
Product-webitrWebITR
CWE ID-CWE-23
Relative Path Traversal
CVE-2025-10249
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-6.5||MEDIUM
EPSS-0.08% / 23.45%
||
7 Day CHG+0.01%
Published-09 Oct, 2025 | 11:20
Updated-09 Oct, 2025 | 15:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Slider Revolution <= 6.7.37 - Missing Authorization to Authenticated (Contributor+) Arbitrary File Read

The Slider Revolution plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on several functions in all versions up to, and including, 6.7.37. This makes it possible for authenticated attackers, with Contributor-level access and above, to install and activate plugin add-ons, create sliders, and download arbitrary files.

Action-Not Available
Vendor-Revolution Slider
Product-Slider Revolution
CWE ID-CWE-23
Relative Path Traversal
  • Previous
  • 1
  • 2
  • Next
Details not found