CVE-2024-36473

MEDIUM Year: 2024
CVSS v3 Score
5.3
Medium
Weakness Type
CWE-73
View all →

Vulnerability Description

Trend Micro VPN Proxy One Pro, version 5.8.1012 and below is vulnerable to an arbitrary file overwrite or create attack but is limited to local Denial of Service (DoS) and under specific conditions can lead to elevation of privileges.

Related Vulnerabilities

CVE-2022-2400

MEDIUM
CVSS:5.3(Medium)

External Control of File Name or Path in GitHub repository dompdf/dompdf prior to 2.0.0.

CWE-732022

CVE-2022-34765

MEDIUM
CVSS:5.3(Medium)

A CWE-73: External Control of File Name or Path vulnerability exists that could cause loading of unauthorized firmware images when user-controlled data is written to the file path. Affected Products: ...

CWE-732022

CVE-2022-45213

MEDIUM
CVSS:5.3(Medium)

perfSONAR before 4.4.6 inadvertently supports the parse option for a file:// URL.

CWE-732022

CVE-2023-30943

MEDIUM
CVSS:5.3(Medium)

The vulnerability was found Moodle which exists because the application allows a user to control path of the older to create in TinyMCE loaders. A remote user can send a specially crafted HTTP request...

CWE-732023

CVE-2023-47147

MEDIUM
CVSS:5.3(Medium)

IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow an attacker to overwrite a log message under specific conditions. IBM X-Force ID: 270598.

CWE-732023

CVE-2024-12267

MEDIUM
CVSS:5.3(Medium)

The Drag and Drop Multiple File Upload – Contact Form 7 plugin for WordPress is vulnerable to limited arbitrary file deletion due to insufficient file path validation in the dnd_codedropz_upload_delet...

CWE-732024