Lucene search
SnykCVELIST:CVE-2020-7757HistoryNov 02, 2020 - 6:30 p.m.
CVE-2020-7757 Path Traversal
2020-11-0218:30:16
snyk
www.cve.org
4
cve-2020-7757
path traversal
droppy
configuration files
server
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:U/RC:C
EPSS
0.001
Percentile
26.1%
This affects all versions of package droppy. It is possible to traverse directories to fetch configuration files from a droopy server.
CNA Affected
[
{
"product": "droppy",
"vendor": "n/a",
"versions": [
{
"lessThan": "unspecified",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
]Related
osv
osv
Path Traversal in droppy
2021-05-10 18:47:29
cve
cve
CVE-2020-7757
2020-11-02 22:15:13
prion
prion
Design/Logic Flaw
2020-11-02 22:15:00
github
github
Path Traversal in droppy
2021-05-10 18:47:29
nvd
nvd
CVE-2020-7757
2020-11-02 22:15:13
veracode
veracode
Directory Traversal
2020-11-03 03:39:42
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:U/RC:C
EPSS
0.001
Percentile
26.1%
Related for CVELIST:CVE-2020-7757