CVE-2025-1086

MEDIUM Year: 2025
CVSS v3 Score
5.3
Medium
CVSS v2 Score
5.0
Medium
Weakness Type
CWE-23
View all →

Vulnerability Description

A vulnerability has been found in Safetytest Cloud-Master Server up to 1.1.1 and classified as critical. This vulnerability affects unknown code of the file /static/. The manipulation leads to path traversal: '../filedir'. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Related Vulnerabilities

CVE-2018-18990

MEDIUM
CVSS:5.3(Medium)

LCDS Laquis SCADA prior to version 4.1.0.4150 allows a user-supplied path in file operations prior to proper validation. An attacker can leverage this vulnerability to disclose sensitive information u...

CWE-232018

CVE-2019-13944

MEDIUM
CVSS:5.3(Medium)

A vulnerability has been identified in EN100 Ethernet module DNP3 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions < V4.37), EN100 Ethernet module IEC104 variant (All vers...

CWE-232019

CVE-2021-29488

MEDIUM
CVSS:5.3(Medium)

SABnzbd is an open source binary newsreader. A vulnerability was discovered in SABnzbd that could trick the `filesystem.renamer()` function into writing downloaded files outside the configured Downloa...

CWE-232021

CVE-2021-32964

MEDIUM
CVSS:5.3(Medium)

The AGG Software Web Server version 4.0.40.1014 and prior is vulnerable to a path traversal attack, which may allow an attacker to read arbitrary files from the file system.

CWE-232021

CVE-2022-42892

MEDIUM
CVSS:5.3(Medium)

A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics application server hosts a web service using an operation with improper write access control that coul...

CWE-232022

CVE-2024-24938

MEDIUM
CVSS:5.3(Medium)

In JetBrains TeamCity before 2023.11.2 limited directory traversal was possible in the Kotlin DSL documentation

CWE-232024