CVE-2023-41290

MEDIUM Year: 2023
CVSS v3 Score
4.1
Medium
Weakness Type
CWE-22
View all →

Vulnerability Description

A path traversal vulnerability has been reported to affect QuFirewall. If exploited, the vulnerability could allow authenticated administrators to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following version: QuFirewall 2.4.1 ( 2024/02/01 ) and later

Related Vulnerabilities

CVE-2019-12691

MEDIUM
CVSS:4.1(Medium)

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to perform a directory traversal attack on an af...

CWE-222019

CVE-2020-15141

MEDIUM
CVSS:4.1(Medium)

In openapi-python-client before version 0.5.3, there is a path traversal vulnerability. If a user generated a client using a maliciously crafted OpenAPI document, it is possible for generated files to...

CWE-222020

CVE-2017-18824

MEDIUM
CVSS:4.0(Medium)

Certain NETGEAR devices are affected by directory traversal. This affects M4300-28G before 12.0.2.15, M4300-52G before 12.0.2.15, M4300-28G-POE+ before 12.0.2.15, M4300-52G-POE+ before 12.0.2.15, M430...

CWE-222017

CVE-2024-36795

MEDIUM
CVSS:4.0(Medium)

Insecure permissions in Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 allows attackers to access URLs and directories embedded within the firmware via unspecified vectors.

CWE-222024

CVE-2024-54535

MEDIUM
CVSS:4.0(Medium)

A path handling issue was addressed with improved logic. This issue is fixed in watchOS 11.1, visionOS 2.1, iOS 18.1 and iPadOS 18.1. An attacker with access to calendar data could also read reminders...

CWE-222024

CVE-2019-3828

MEDIUM
CVSS:4.2(Medium)

Ansible fetch module before versions 2.5.15, 2.6.14, 2.7.8 has a path traversal vulnerability which allows copying and overwriting files outside of the specified destination in the local ansible contr...

CWE-222019