CVE-2024-37138

MEDIUM Year: 2024
CVSS v3 Score
6.8
Medium
Weakness Type
CWE-23
View all →

Vulnerability Description

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 on DDMC contain a relative path traversal vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to the application sending over an unauthorized file to the managed system.

Related Vulnerabilities

CVE-2018-13299

MEDIUM
CVSS:6.5(Medium)

Relative path traversal vulnerability in Attachment Uploader in Synology Calendar before 2.2.2-0532 allows remote authenticated users to upload arbitrary files via the filename parameter.

CWE-232018

CVE-2019-11822

MEDIUM
CVSS:6.5(Medium)

Relative path traversal vulnerability in SYNO.PhotoStation.File in Synology Photo Station before 6.8.11-3489 and before 6.3-2977 allows remote attackers to upload arbitrary files via the uploadphoto p...

CWE-232019

CVE-2019-18338

MEDIUM
CVSS:6.5(Medium)

A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The Control Center Server (CCS) contains a directory traversal vulnerability in its XML-based communication ...

CWE-232019

CVE-2019-19287

MEDIUM
CVSS:6.5(Medium)

A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow attackers to traverse through the file system of the server based by sending specially crafted packets ov...

CWE-232019

CVE-2020-12010

HIGH
CVSS:7.1(High)

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple relative path traversal vulnerabilities exist that may allow an authenticated user to use a specially crafted file to delete ...

CWE-232020