Lucene search
Veracode Vulnerability DatabaseVERACODE:29150HistoryJan 27, 2021 - 5:30 a.m.
Directory Traversal
2021-01-2705:30:26
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
0.092 Low
EPSS
Percentile
94.7%
node-red-dashboard is vulnerable to directory traversal. Lack of validation in the URL allows an attacker to access system files outside of the webroot via a malicious URL such as /ui_base/js/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd
| CPE | Name | Operator | Version |
|---|---|---|---|
| node-red-dashboard | le | 2.26.1 |
Related
github
github
Path traversal in Node-RED-Dashboard
2021-01-29 18:13:52
nuclei
nuclei
Node RED Dashboard <2.26.2 - Local File Inclusion
2021-06-24 12:07:17
seebug
seebug
Node-RED-Dashboard δ»»ζζδ»Άθ―»εζΌζ΄ οΌCVE-2021-3223οΌ
2021-07-05 00:00:00
osv
osv
Path traversal in Node-RED-Dashboard
2021-01-29 18:13:52
CVE-2021-3223
2021-01-26 18:16:28
cvelist
cvelist
CVE-2021-3223
2021-01-26 05:58:52
nodejs
nodejs
Path Traversal
2021-02-22 17:47:30
nvd
nvd
CVE-2021-3223
2021-01-26 18:16:28
cve
cve
CVE-2021-3223
2021-01-26 18:16:28
prion
prion
Directory traversal
2021-01-26 18:16:00
openvas
openvas
Generic HTTP Directory Traversal (Web Dirs) - Active Check
2021-07-22 00:00:00