EUVD-2020-26842

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

Directory traversal vulnerability in GROWI allows remote data alteration via file upload.

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2020-5683	16 Dec 202015:25	–	circl
CNNVD	Weseek GROWI 路径遍历漏洞	15 Dec 202000:00	–	cnnvd
CNVD	WESEEK GROWI Directory Traversal Vulnerability	17 Dec 202000:00	–	cnvd
CVE	CVE-2020-5683	16 Dec 202007:45	–	cve
Cvelist	CVE-2020-5683	16 Dec 202007:45	–	cvelist
Japan Vulnerability Notes	JVN#94169589: Multiple vulnerabilities in GROWI	15 Dec 202000:00	–	jvn
Japan Vulnerability Notes	Multiple vulnerabilities in GROWI	15 Dec 202006:41	–	jvn
NVD	CVE-2020-5683	16 Dec 202008:15	–	nvd
Prion	Directory traversal	16 Dec 202008:15	–	prion
RedhatCVE	CVE-2020-5683	22 May 202517:03	–	redhatcve

[
  {
    "enisaIdVendor": [
      {
        "id": "01d346f3-706a-3908-b5da-49ffb877f5eb",
        "vendor": {
          "name": "WESEEK, Inc."
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "39df3f75-a225-3ce0-b396-4c5e9c082df9",
        "product": {
          "name": "GROWI"
        },
        "product_version": "GROWI versions prior to v4.2.3 (v4.2 Series), GROWI versions prior to v4.1.12 (v4.1 Series), and GROWI v3 series and earlier"
      }
    ]
  }
]

Source	Link
github	www.github.com/weseek/growi
hub	www.hub.docker.com/r/weseek/growi/
jvn	www.jvn.jp/en/jp/JVN94169589/index.html
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

6.3Medium risk

Vulners AI Score6.3

CVSS 3.17.5

CVSS 25

EPSS0.00957