Known Exploited Vulnerabilities Directory Traversal (Relative and Absolute) Capability Group

This vulnerability is exploited through a path traversal flaw in Ivanti EPMM. Attackers initiate this vulnerability by leveraging authenticated administrative access to remotely write arbitrary files onto the server. This enables them to deploy additional payloads, potentially granting further access and compromising the system. This vulnerability is often used in conjunction with CVE-2023-35078 (along with others) that provides unauthenticated access, enhancing the attack's capabilities. It has been actively exploited, impacting victims by leveraging both vulnerabilities together.

This vulnerability is exploited through a path traversal flaw in Ivanti EPMM. Attackers initiate this vulnerability by leveraging authenticated administrative access to remotely write arbitrary files onto the server. This enables them to deploy additional payloads, potentially granting further access and compromising the system.

CVE-2023-32315 is a path traversal bug in Openfire's administrative console that could be leveraged for remote code execution. Public reports have indicated that threat actors were exploiting this vulnerability to gain access to the Openfire plugins interface to create new admin console user accounts, install a malicious plugin, and gain access to a webshell.

CVE-2023-32315 is a path traversal bug in Openfire's administrative console that could be leveraged for remote code execution. Public reports have indicated that threat actors were exploiting this vulnerability to gain access to the Openfire plugins interface to create new admin console user accounts, install a malicious plugin, and gain access to a webshell.

CVE-2023-32315 is a path traversal bug in Openfire's administrative console that could be leveraged for remote code execution. Public reports have indicated that threat actors were exploiting this vulnerability to gain access to the Openfire plugins interface to create new admin console user accounts, install a malicious plugin, and gain access to a webshell.

CVE-2023-32315 is a path traversal bug in Openfire's administrative console that could be leveraged for remote code execution. Public reports have indicated that threat actors were exploiting this vulnerability to gain access to the Openfire plugins interface to create new admin console user accounts, install a malicious plugin, and gain access to a webshell.

CVE-2022-41328 is a path traversal vulnerability that allows a privileged attacked to read and write to files on the underlying Linux system via crafted CLI commands. Adversaries have been observed modifying files that establish persistence upon boot. The malicious files provide the adversaries with the capabilities of: data exfiltration, download/write files, remote shell, and discovery of network connections.

CVE-2022-41328 is a path traversal vulnerability that allows a privileged attacked to read and write to files on the underlying Linux system via crafted CLI commands. Adversaries have been observed modifying files that establish persistence upon boot. The malicious files provide the adversaries with the capabilities of: data exfiltration, download/write files, remote shell, and discovery of network connections.

CVE-2022-41328 is a path traversal vulnerability that allows a privileged attacked to read and write to files on the underlying Linux system via crafted CLI commands. Adversaries have been observed modifying files that establish persistence upon boot. The malicious files provide the adversaries with the capabilities of: data exfiltration, download/write files, remote shell, and discovery of network connections.

CVE-2022-41328 is a path traversal vulnerability that allows a privileged attacked to read and write to files on the underlying Linux system via crafted CLI commands. Adversaries have been observed modifying files that establish persistence upon boot. The malicious files provide the adversaries with the capabilities of: data exfiltration, download/write files, remote shell, and discovery of network connections.

CVE-2021-42013 was introduced as the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50. CVE-2021-42013 is a path traversal vulnerability in Apache HTTP Server 2.4.49 that allows an attacker to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied," these requests can succeed. If CGI scripts are also enabled for these aliased paths, this could allow for remote code execution.

CVE-2021-42013 was introduced as the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50. CVE-2021-42013 is a path traversal vulnerability in Apache HTTP Server 2.4.49 that allows an attacker to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied," these requests can succeed. If CGI scripts are also enabled for these aliased paths, this could allow for remote code execution.

CVE-2021-41773 is a path traversal vulnerability in Apache HTTP Server 2.4.49 that allows an attacker to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied," these requests can succeed. If CGI scripts are also enabled for these aliased paths, this could allow for remote code execution.

CVE-2021-41773 is a path traversal vulnerability in Apache HTTP Server 2.4.49 that allows an attacker to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied," these requests can succeed. If CGI scripts are also enabled for these aliased paths, this could allow for remote code execution.

CVE-2020-3452 is a vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated remote attacker to conduct directory traversal attacks and read sensitive files on a targeted system.

CVE-2020-3452 is a vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated remote attacker to conduct directory traversal attacks and read sensitive files on a targeted system.

CVE-2019-3398 is a path traversal vulnerability in Atlassian Confluence Server and Data Center that allows an authenticated attacker to write files to arbitrary locations, potentially leading to remote code execution

CVE-2019-3398 is a path traversal vulnerability in Atlassian Confluence Server and Data Center that allows an authenticated attacker to write files to arbitrary locations, potentially leading to remote code execution

This is a path traversal vulnerability that allows adversary to download system files through specially-crafted HTTP requests.

This is an exploitation of a public-facing server due to password misconfiguration. Exploitation allows attackers to access restricted directories.

This is an exploitation of a public-facing server due to password misconfiguration. Exploitation allows attackers to access restricted directories

This is an exploitation of a public-facing server due to password misconfiguration. Exploitation allows attackers to access restricted directories

This is the exploitation of a public facing server. In-the-wild reporting documents that exploitation of this vulnerability was used to install a webshell on the victim machine, and then captured and exfiltrated client credit card information.

This is the exploitation of a public facing server. In-the-wild reporting documents that exploitation of this vulnerability was used to install a webshell on the victim machine, and then captured and exfiltrated client credit card information.

This is the exploitation of a public facing server. In-the-wild reporting documents that exploitation of this vulnerability was used to install a webshell on the victim machine, and then captured and exfiltrated client credit card information.

Due to improper handling of HTTP request input, attackers can exploit a path traversal vulnerability in SimpleHelp version 5.5.7 and prior to gain access to critical user data stored in SimpleHelp, such as credentials. From there, with the credentials, they can further compromise the system, such as with code execution.

Due to improper handling of HTTP request input, attackers can exploit a path traversal vulnerability in SimpleHelp version 5.5.7 and prior to gain access to critical user data stored in SimpleHelp, such as credentials. From there, with the credentials, they can further compromise the system, such as with code execution.

Due to improper handling of HTTP request input, attackers can exploit a path traversal vulnerability in SimpleHelp version 5.5.7 and prior to gain access to critical user data stored in SimpleHelp, such as credentials. From there, with the credentials, they can further compromise the system, such as with code execution.

Due to improper handling of HTTP request input, attackers can exploit a path traversal vulnerability in SimpleHelp version 5.5.7 and prior to gain access to critical user data stored in SimpleHelp, such as credentials. From there, with the credentials, they can further compromise the system, such as with code execution.

Due to improper handling of HTTP request input, attackers can exploit a path traversal vulnerability in SimpleHelp version 5.5.7 and prior to gain access to critical user data stored in SimpleHelp, such as credentials. From there, with the credentials, they can further compromise the system, such as with code execution.

Due to improper input sanitization, a user with administrative credentials can access and read arbitrary files on the MiCollab server.

Due to improper input sanitization, a user with administrative credentials can access and read arbitrary files on the MiCollab server.

Due to improper input sanitization, a user with administrative credentials can access and read arbitrary files on the MiCollab server. That data can then be exfiltrated.

By sending a crafted payload to a vulnerable WhatsUp Gold server, an attacker can conduct a path traversal attack and write malicious files onto the server. This leads to high-privileged remote code execution.

By sending a crafted payload to a vulnerable WhatsUp Gold server, an attacker can conduct a path traversal attack and write malicious files onto the server. This leads to high-privileged remote code execution.

An unauthenticated attacker can send a request to the NAKIVO Backup & Replication endpoint that contains a path to a sensitive file, leading to arbitrary file read.

An unauthenticated attacker can send a request to the NAKIVO Backup & Replication endpoint that contains a path to a sensitive file, leading to arbitrary file read.

An unauthenticated attacker can send a request to the NAKIVO Backup & Replication endpoint that contains a path to a sensitive file, leading to arbitrary file read.

This path traversal vulnerability can lead to privilege escalation on MiCollab, which can then lead to other exploits such as CVE-2024-55550.

This path traversal vulnerability can lead to privilege escalation on MiCollab, which can then lead to other exploits such as CVE-2024-55550.

An attacker can exploit this vulnerability to coerce credential relay attacks and gain access to sensitive information.

An attacker can exploit this vulnerability to coerce credential relay attacks and gain access to sensitive information.

An attacker can exploit this vulnerability to coerce credential relay attacks and gain access to sensitive information.

An attacker can exploit this vulnerability to coerce credential relay attacks and gain access to sensitive information.

An attacker can exploit this vulnerability to coerce credential relay attacks and gain access to sensitive information.

An attacker can exploit this vulnerability to coerce credential relay attacks and gain access to sensitive information.

An attacker can exploit this vulnerability to coerce credential relay attacks and gain access to sensitive information.

An attacker can exploit this vulnerability to coerce credential relay attacks and gain access to sensitive information.

An attacker can exploit this vulnerability to coerce credential relay attacks and gain access to sensitive information.

An attacker can exploit this vulnerability to coerce credential relay attacks and gain access to sensitive information.

An attacker can exploit this vulnerability to coerce credential relay attacks and gain access to sensitive information.

An attacker can exploit this vulnerability to coerce credential relay attacks and gain access to sensitive information.

This path traversal vulnerability in D-Link DIR-859 WiFi routers can lead to information disclosure, such as configuration files. As these devices are end-of-life, the manufacturer has no intention of patching this.

This path traversal vulnerability in D-Link DIR-859 WiFi routers can lead to information disclosure, such as configuration files. As these devices are end-of-life, the manufacturer has no intention of patching this.

This directory traversal vulnerability, if exploited using a malicious payload in an HTTP GET request, allows an unauthenticated attacker to access and read arbitrary files, leading to potential exfiltration/disclosure.

This directory traversal vulnerability, if exploited using a malicious payload in an HTTP GET request, allows an unauthenticated attacker to access and read arbitrary files, leading to potential exfiltration/disclosure.

By exploiting this vulnerability in SAP Netweaver Java, the attacker can inject directory traversal commands, allowing for navigation of the file system beyond intended access. This can additionally lead to the discovery of password stores, as well as information about the host system, providing information that can be used in further attacks.

By exploiting this vulnerability in SAP Netweaver Java, the attacker can inject directory traversal commands, allowing for navigation of the file system beyond intended access. This can additionally lead to the discovery of password stores, as well as information about the host system, providing information that can be used in further attacks.

By exploiting this vulnerability in SAP Netweaver Java, the attacker can inject directory traversal commands, allowing for navigation of the file system beyond intended access. This can additionally lead to the discovery of password stores, as well as information about the host system, providing information that can be used in further attacks.

By exploiting this vulnerability in SAP Netweaver Java, the attacker can inject directory traversal commands, allowing for navigation of the file system beyond intended access. This can additionally lead to the discovery of password stores, as well as information about the host system, providing information that can be used in further attacks.

By exploiting a path traversal vulnerability in Samsung MagicINFO 9 Server, an unauthenticated attacker can write arbitrary files with system privileges. This can be used to deploy malware or to hijack resources for activity such as cryptocurrency mining.

By exploiting a path traversal vulnerability in Samsung MagicINFO 9 Server, an unauthenticated attacker can write arbitrary files with system privileges. This can be used to deploy malware or to hijack resources for activity such as cryptocurrency mining.

By exploiting a path traversal vulnerability in Samsung MagicINFO 9 Server, an unauthenticated attacker can write arbitrary files with system privileges. This can be used to deploy malware or to hijack resources for activity such as cryptocurrency mining.

By exploiting a path traversal vulnerability in Samsung MagicINFO 9 Server, an unauthenticated attacker can write arbitrary files with system privileges. This can be used to deploy malware or to hijack resources for activity such as cryptocurrency mining.