4 matches found
CVE-2023-32167
The CVE-2023-32167 entry concerns D-Link D-View’s uploadMib function, where improper validation of a user-supplied path enables directory traversal and arbitrary file creation/deletion in the SYSTEM context. The vulnerability requires authentication to exploit and is evidenced by multiple disclos...
CVE-2023-47211
A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager 12.7.258. A specially crafted HTTP request can lead to arbitrary file creation. An attacker can send a malicious MiB file to trigger this vulnerability...
ManageEngine OpManager uploadMib directory traversal vulnerability
Talos Vulnerability Report TALOS-2023-1851 ManageEngine OpManager uploadMib directory traversal vulnerability January 8, 2024 CVE Number CVE-2023-47211 SUMMARY A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager 12.7.258. A specially crafted HTTP...
ZOHO ManageEngine OpManager Path Traversal Vulnerability
ZOHO ManageEngine OpManager is a comprehensive network monitoring software from ZOHO. It is used to manage routers, firewalls, servers, switches and printers. A path traversal vulnerability exists in ZOHO ManageEngine OpManager version 12.7.258, which stems from a directory traversal vulnerabilit...