CVE-2023-28382

HIGH Year: 2023
CVSS v3 Score
8.1
High
Weakness Type
CWE-22
View all →

Vulnerability Description

Directory traversal vulnerability in ESS REC Agent Server Edition series allows an authenticated attacker to view or alter an arbitrary file on the server. Affected products and versions are as follows: ESS REC Agent Server Edition for Linux V1.0.0 to V1.4.3, ESS REC Agent Server Edition for Solaris V1.1.0 to V1.4.0, ESS REC Agent Server Edition for HP-UX V1.1.0 to V1.4.0, and ESS REC Agent Server Edition for AIX V1.2.0 to V1.4.1

Related Vulnerabilities

CVE-2007-5927

HIGH
CVSS:8.1(High)

Directory traversal vulnerability in OpenBase 10.0.5 and earlier allows remote authenticated users to create files with arbitrary contents via a .. (dot dot) in the first argument to the GlobalLog sto...

CWE-222007

CVE-2008-5748

HIGH
CVSS:8.1(High)

Directory traversal vulnerability in plugins/spaw2/dialogs/dialog.php in BloofoxCMS 0.3.4 allows remote attackers to read arbitrary files via the (1) lang, (2) theme, and (3) module parameters.

CWE-222008

CVE-2009-4194

HIGH
CVSS:8.1(High)

Directory traversal vulnerability in Golden FTP Server 4.30 Free and Professional, 4.50, and possibly other versions allows remote authenticated users to delete arbitrary files via a .. (dot dot) in t...

CWE-222009

CVE-2016-1671

HIGH
CVSS:8.1(High)

Google Chrome before 50.0.2661.102 on Android mishandles / (slash) and \ (backslash) characters, which allows attackers to conduct directory traversal attacks via a file: URL, related to net/base/esca...

CWE-222016

CVE-2017-16929

HIGH
CVSS:8.1(High)

The remote management interface on the Claymore Dual GPU miner 10.1 is vulnerable to an authenticated directory traversal vulnerability exploited by issuing a specially crafted request, allowing a rem...

CWE-222017

CVE-2017-18585

HIGH
CVSS:8.1(High)

The posts-in-page plugin before 1.3.0 for WordPress has ic_add_posts template='../ directory traversal.

CWE-222017