25 matches found
Security Bulletin: Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp
Summary Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp tftpfile modules, erlang otp inets tftpfile modules, erlang otp tftp tftpfile modules allows Relative Path Traversal. This vulnerability is associated with program files...
CVE-2026-22320
A stack-based buffer overflow in the CLI’s TFTP file-transfer command handling can be triggered by a low-privileged attacker with Telnet/SSH access by supplying an unexpected or oversized filename input. This memory corruption affects the internal buffer, rendering the CLI and web dashboard unava...
SUSE CVE-2026-21620
Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp tftpfile modules, erlang otp inets tftpfile modules, erlang otp tftp tftpfile modules allows Relative Path Traversal. This vulnerability is associated with program files...
Linux Distros Unpatched Vulnerability : CVE-2026-21620
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp tftpfile modules, erlang otp inets tftpfile modules,...
CVE-2026-21620
Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp tftpfile modules, erlang otp inets tftpfile modules, erlang otp tftp tftpfile modules allows Relative Path Traversal. This vulnerability is associated with program files...
DEBIAN-CVE-2026-21620
Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp tftpfile modules, erlang otp inets tftpfile modules, erlang otp tftp tftpfile modules allows Relative Path Traversal. This vulnerability is associated with program files...
CVE-2026-21620
Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp tftpfile modules, erlang otp inets tftpfile modules, erlang otp tftp tftpfile modules allows Relative Path Traversal. This vulnerability is associated with program files...
AZL-78278 CVE-2026-21620 affecting package erlang 25.3.2.21-4
Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp tftpfile modules, erlang otp inets tftpfile modules, erlang otp tftp tftpfile modules allows Relative Path Traversal. This vulnerability is associated with program files...
UBUNTU-CVE-2026-21620
Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp tftpfile modules, erlang otp inets tftpfile modules, erlang otp tftp tftpfile modules allows Relative Path Traversal. This vulnerability is associated with program files...
CVE-2026-21620
Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp tftpfile modules, erlang otp inets tftpfile modules, erlang otp tftp tftpfile modules allows Relative Path Traversal. This vulnerability is associated with program files...
EEF-CVE-2026-21620 TFTP Path Traversal
Summary Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp tftpfile modules, erlang otp inets tftpfile modules, erlang otp tftp tftpfile modules allows Relative Path Traversal. This vulnerability is associated with program files...
PT-2026-21008
Name of the Vulnerable Software and Affected Versions erlang otp versions 1.0 through 6.9 erlang otp version 17.0 erlang otp versions prior to 7.0 Description The software contains a Relative Path Traversal and Improper Isolation or Compartmentalization issue. The issue is associated with program...
Remote code execution
A vulnerability has been identified in SINEC NMS All versions V2.0 SP1. The affected application allows users to upload arbitrary files via TFTP. This could allow an attacker to upload malicious firmware images or other files, that could potentially lead to remote code execution...
CVE-2023-43202
D-LINK DWL-6610 FWv4.3.0.8B003C was discovered to contain a command injection vulnerability in the function pcapdownloadhandler. This vulnerability allows attackers to execute arbitrary commands via the update.device.packet-capture.tftp-file-name parameter...
CVE-2023-43202
D-LINK DWL-6610 FWv4.3.0.8B003C was discovered to contain a command injection vulnerability in the function pcapdownloadhandler. This vulnerability allows attackers to execute arbitrary commands via the update.device.packet-capture.tftp-file-name parameter...
Command injection
D-LINK DWL-6610 FWv4.3.0.8B003C was discovered to contain a command injection vulnerability in the function pcapdownloadhandler. This vulnerability allows attackers to execute arbitrary commands via the update.device.packet-capture.tftp-file-name parameter...
CVE-2023-43202
D-LINK DWL-6610 FWv4.3.0.8B003C was discovered to contain a command injection vulnerability in the function pcapdownloadhandler. This vulnerability allows attackers to execute arbitrary commands via the update.device.packet-capture.tftp-file-name parameter...
The vulnerability of the TftpSendFileThread component in the D-View 8 network device management platform allows a hacker to disclose protected information.
The vulnerability of the TftpSendFileThread component in the D-View 8 network device management platform is related to an incorrect limitation on the path name to the restricted access directory. Exploiting this vulnerability could allow a remote attacker to disclose the protected information...
SUSE CVE-2019-11365
An issue was discovered in atftpd in atftp 0.7.1. A remote attacker may send a crafted packet triggering a stack-based buffer overflow due to an insecurely implemented strncpy call. The vulnerability is triggered by sending an error packet of 3 bytes or fewer. There are multiple instances of this...
DEBIAN-CVE-2019-11365
An issue was discovered in atftpd in atftp 0.7.1. A remote attacker may send a crafted packet triggering a stack-based buffer overflow due to an insecurely implemented strncpy call. The vulnerability is triggered by sending an error packet of 3 bytes or fewer. There are multiple instances of this...