2 matches found
CVE-2026-40254
FreeRDP contains an off-by-one path traversal vulnerability in the drive channel (reads/list/write files one directory above the shared folder) due to a flaw in contains_dotdot() in channels/drive/client/drive_file.c. A rogue RDP server can exploit this when drive redirection is enabled, affectin...
CVE-2022-47531
An issue was discovered in Ericsson Evolved Packet Gateway EPG versions 3.x before 3.25 and 2.x before 2.16, allows authenticated users to bypass system CLI and execute commands they are authorized to execute directly in the UNIX shell...