CVE-2020-37214

🗓️ 11 Feb 2026 20:37:32Reported by VulnCheckType

cve🔗 web.nvd.nist.gov👁 8 Views🌐 WEB

Directory traversal in Voyager 1.3.0 allows reading files via asset path '/admin/voyager-assets'.

Reporter	Title	Published	Views	Family All 6
CNNVD	Voyager 路径遍历漏洞	11 Feb 202600:00	–	cnnvd
Cvelist	CVE-2020-37214 Voyager 1.3.0 - Directory Traversal	11 Feb 202620:37	–	cvelist
NVD	CVE-2020-37214	11 Feb 202621:16	–	nvd
Positive Technologies	PT-2026-7712	11 Feb 202600:00	–	ptsecurity
RedhatCVE	CVE-2020-37214	13 Feb 202601:30	–	redhatcve
Vulnrichment	CVE-2020-37214 Voyager 1.3.0 - Directory Traversal	11 Feb 202620:37	–	vulnrichment

Vulners

CNA

Node

the_control_group voyagerRange≤<= 1.3.0

[
  {
    "vendor": "The Control Group",
    "product": "Voyager",
    "versions": [
      {
        "version": "<= 1.3.0",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/the-control-group/voyager/releases/tag/v1.3.0
github	www.github.com/the-control-group/voyager/releases/tag/v1.2.7
exploit-db	www.exploit-db.com/exploits/47875
voyager	www.voyager.devdojo.com/
vulncheck	www.vulncheck.com/advisories/voyager-directory-traversal

Parameter	Position	Path	Description	CWE
path	path	/admin/voyager-assets	Directory traversal vulnerability in Voyager 1.3.0 via manipulated path parameter allowing access to arbitrary files (e.g., /etc/passwd, .env).	CWE-22

17 Jun 2026 03:17Current

5.7Medium risk

Vulners AI Score5.7

CVSS 3.17.5

CVSS 48.7

EPSS0.00611

SSVC

CWE-22