3 matches found
CVE-2026-40024
A flaw was found in The Sleuth Kit, specifically in the tskrecover tool. An attacker can exploit this path traversal vulnerability by providing a specially crafted filesystem image containing malicious filenames or directory paths with path traversal sequences. This allows the attacker to write...
CVE-2026-40024
The vulnerability affects Sleuth Kit up to version 4.14.0, specifically in the tsk_recover component. A path traversal flaw allows an attacker to write files outside the intended recovery directory by crafting filesystem images with embedded /.. sequences in filenames, which can lead to overwriti...
PT-2026-31461
The Sleuth Kit through 4.14.0 contains a path traversal vulnerability in tsk recover that allows an attacker to write files to arbitrary locations outside the intended recovery directory via crafted filenames or directory paths with path traversal sequences in a filesystem image. An attacker can...