CVE-2021-26725

HIGH Year: 2021
CVSS v3 Score
4.9
Medium
CVSS v2 Score
4.0
Medium
Weakness Type
CWE-24
View all →

Vulnerability Description

Path Traversal vulnerability when changing timezone using web GUI of Nozomi Networks Guardian, CMC allows an authenticated administrator to read-protected system files. This issue affects: Nozomi Networks Guardian 20.0.7.3 version 20.0.7.3 and prior versions. Nozomi Networks CMC 20.0.7.3 version 20.0.7.3 and prior versions.

Related Vulnerabilities

CVE-2023-20167

MEDIUM
CVSS:4.9(Medium)

Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform path traversal attacks on the underlying operating system to either elevate privileges...

CWE-242023

CVE-2023-4171

MEDIUM
CVSS:5.3(Medium)

A vulnerability classified as problematic was found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. This vulnerability affects unknown code of the file \Service\FileDownload.ashx. T...

CWE-242023

CVE-2023-7098

MEDIUM
CVSS:5.3(Medium)

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as problematic was found in icret EasyImages 2.8.3. This vulnerability affects unknown code of the file app/hide.php. The manipulation of the...

CWE-242023

CVE-2024-0465

MEDIUM
CVSS:5.3(Medium)

A vulnerability classified as problematic was found in code-projects Employee Profile Management System 1.0. This vulnerability affects unknown code of the file download.php. The manipulation of the a...

CWE-242024

CVE-2024-1459

MEDIUM
CVSS:5.3(Medium)

A path traversal vulnerability was found in Undertow. This issue may allow a remote attacker to append a specially-crafted sequence to an HTTP request for an application deployed to JBoss EAP, which m...

CWE-242024

CVE-2025-32807

MEDIUM
CVSS:5.3(Medium)

A path traversal vulnerability in FusionDirectory before 1.5 allows remote attackers to read arbitrary files on the host that end with .png (and .svg or .xpm for some configurations) via the icon para...

CWE-242025