CVE-2022-30301

MEDIUM Year: 2022
CVSS v3 Score
6.7
Medium
Weakness Type
CWE-22
View all →

Vulnerability Description

A path traversal vulnerability [CWE-22] in FortiAP-U CLI 6.2.0 through 6.2.3, 6.0.0 through 6.0.4, 5.4.0 through 5.4.6 may allow an admin user to delete and access unauthorized files and data via specifically crafted CLI commands.

Related Vulnerabilities

CVE-2012-5380

MEDIUM
CVSS:6.7(Medium)

Untrusted search path vulnerability in the installation functionality in Ruby 1.9.3-p194, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan horse D...

CWE-222012

CVE-2018-1204

MEDIUM
CVSS:6.7(Medium)

Dell EMC Isilon OneFS versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, versions 7.2.1.x, and version 7.1.1.11 is affected by a path traversal vulnerability in the isi_phon...

CWE-222018

CVE-2019-12666

MEDIUM
CVSS:6.7(Medium)

A vulnerability in the Guest Shell of Cisco IOS XE Software could allow an authenticated, local attacker to perform directory traversal on the base Linux operating system of Cisco IOS XE Software. The...

CWE-222019

CVE-2019-1952

MEDIUM
CVSS:6.7(Medium)

A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to overwrite or read arbitrary files. The attacker would need valid admi...

CWE-222019

CVE-2020-3236

MEDIUM
CVSS:6.7(Medium)

A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to gain root shell access to the underlying operating system and overwri...

CWE-222020

CVE-2021-29246

MEDIUM
CVSS:6.7(Medium)

BTCPay Server through 1.0.7.0 suffers from directory traversal, which allows an attacker with admin privileges to achieve code execution. The attacker must craft a malicious plugin file with special c...

CWE-222021