CVE-2022-41667

HIGH Year: 2022
CVSS v3 Score
7.8
High
Weakness Type
CWE-22
View all →

Vulnerability Description

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that allows adversaries with local user privileges to load a malicious DLL which could lead to execution of malicious code. Affected Products: EcoStruxure Operator Terminal Expert(V3.3 Hotfix 1 or prior), Pro-face BLUE(V3.3 Hotfix1 or prior).

Related Vulnerabilities

CVE-2009-3721

HIGH
CVSS:7.8(High)

Multiple directory traversal and buffer overflow vulnerabilities were discovered in yTNEF, and in Evolution's TNEF parser that is derived from yTNEF. A crafted email could cause these applications to ...

CWE-222009

CVE-2015-0016

HIGH
CVSS:7.8(High)

Directory traversal vulnerability in the TS WebProxy (aka TSWbPrxy) component in Microsoft Windows Vista SP2, Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gol...

CWE-222015

CVE-2015-3151

HIGH
CVSS:7.8(High)

Directory traversal vulnerability in abrt-dbus in Automatic Bug Reporting Tool (ABRT) allows local users to read, write to, or change ownership of arbitrary files via unspecified vectors to the (1) Ne...

CWE-222015

CVE-2015-7270

HIGH
CVSS:7.8(High)

Dell Integrated Remote Access Controller (iDRAC) 6 before 2.80 and 7/8 before 2.21.21.21 allows directory traversal.

CWE-222015

CVE-2015-8535

HIGH
CVSS:7.8(High)

MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A directory traversal vulnerability was discovered (fixed and publicly disclosed in 2015) in Lenovo Solution Center ...

CWE-222015

CVE-2016-4313

HIGH
CVSS:7.8(High)

Directory traversal vulnerability in unzip/extract feature in eXtplorer 2.1.9 allows remote attackers to execute arbitrary files via a .. (dot dot) in an archive file.

CWE-222016