CVE-2024-20345

MEDIUM Year: 2024
CVSS v3 Score
6.5
Medium
Weakness Type
CWE-26
View all →

Vulnerability Description

A vulnerability in the file upload functionality of Cisco AppDynamics Controller could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to an affected device. A successful exploit could allow the attacker to access sensitive data on an affected device.

Related Vulnerabilities

CVE-2024-5865

MEDIUM
CVSS:6.5(Medium)

Vulnerability in Delinea Centrify PAS v. 21.3 and possibly others. The application is prone to the path traversal vulnerability allowing arbitrary files reading outside the web publish directory. Vers...

CWE-262024

CVE-2024-39673

HIGH
CVSS:7.1(High)

Vulnerability of serialisation/deserialisation mismatch in the iAware module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CWE-262024

CVE-2024-25466

HIGH
CVSS:7.3(High)

Directory Traversal vulnerability in React Native Document Picker before v.9.1.1 and fixed in v.9.1.1 allows a local attacker to execute arbitrary code via a crafted script to the Android library comp...

CWE-262024

CVE-2021-42021

HIGH
CVSS:7.5(High)

A vulnerability has been identified in Siveillance Video DLNA Server (2019 R1), Siveillance Video DLNA Server (2019 R2), Siveillance Video DLNA Server (2019 R3), Siveillance Video DLNA Server (2020 R1...

CWE-262021

CVE-2024-31551

HIGH
CVSS:7.5(High)

Directory Traversal vulnerability in lib/admin/image.admin.php in cmseasy v7.7.7.9 20240105 allows attackers to delete arbitrary files via crafted GET request.

CWE-262024

CVE-2021-34762

HIGH
CVSS:8.1(High)

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to perform a directory traversal attack on an af...

CWE-262021