4 matches found
CVE-2026-0394
When dovecot has been configured to use per-domain passwd files, and they are placed one path component above /etc, or slash has been added to allowed characters, path traversal can happen if the domain component is directory partial. This allows inadvertently reading /etc/passwd or some other pa...
CVE-2026-0394
When dovecot has been configured to use per-domain passwd files, and they are placed one path component above /etc, or slash has been added to allowed characters, path traversal can happen if the domain component is directory partial. This allows inadvertently reading /etc/passwd or some other pa...
CVE-2026-0394
When dovecot has been configured to use per-domain passwd files, and they are placed one path component above /etc, or slash has been added to allowed characters, path traversal can happen if the domain component is directory partial. This allows inadvertently reading /etc/passwd or some other pa...
Zyxel NAS 326 Directory Traversal Vulnerability
The Zyxel NAS 326 is a two-drive personal cloud storage device from Zyxel. A directory traversal vulnerability exists in the File Browser component of the Zyxel NAS 326 5.21 and earlier versions. A low-privileged user can exploit this vulnerability to change the location of any other user's files...