Improper Link Resolution Before File Access ('Link Following')

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

CVEs (1,502)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-21722 1Microsoft 1.net Framework Nov 21, 2024 Feb 14, 2023 N/A· v4 5.0 MEDIUM· v3 N/A· v2 .NET Framework Denial of Service Vulnerability
CVE-2023-24572 1Dell 1Command \| Integration Suite For System Center Nov 21, 2024 Feb 13, 2023 N/A· v4 3.3 LOW· v3 N/A· v2 Dell Command \| Integration Suite for System Center, versions before 6.4.0 contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulne...Show more Dell Command \| Integration Suite for System Center, versions before 6.4.0 contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion. Show less
CVE-2023-23697 1Dell 1Command \| Intel Vpro Out Of Band Nov 21, 2024 Feb 13, 2023 N/A· v4 3.3 LOW· v3 N/A· v2 Dell Command \| Intel vPro Out of Band, versions before 4.4.0, contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability lead...Show more Dell Command \| Intel vPro Out of Band, versions before 4.4.0, contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion. Show less
CVE-2022-42292 1Nvidia 1Geforce Experience Nov 21, 2024 Feb 12, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 NVIDIA GeForce Experience contains a vulnerability in the NVContainer component, where a user without administrator privileges can create a symbolic link to a file that requires elevated privileges to write to or modify...Show more NVIDIA GeForce Experience contains a vulnerability in the NVContainer component, where a user without administrator privileges can create a symbolic link to a file that requires elevated privileges to write to or modify, which may lead to denial of service, escalation of privilege or limited data tampering. Show less
CVE-2023-25168 1Pterodactyl 1Wings Nov 21, 2024 Feb 9, 2023 N/A· v4 8.2 HIGH· v3 N/A· v2 Wings is Pterodactyl's server control plane. This vulnerability can be used to delete files and directories recursively on the host system. This vulnerability can be combined with `GHSA-p8r3-83r8-jwj5` to overwrite file...Show more Wings is Pterodactyl's server control plane. This vulnerability can be used to delete files and directories recursively on the host system. This vulnerability can be combined with `GHSA-p8r3-83r8-jwj5` to overwrite files on the host system. In order to use this exploit, an attacker must have an existing "server" allocated and controlled by Wings. This vulnerability has been resolved in version `v1.11.4` of Wings, and has been back-ported to the 1.7 release series in `v1.7.4`. Anyone running `v1.11.x` should upgrade to `v1.11.4` and anyone running `v1.7.x` should upgrade to `v1.7.4`. There are no known workarounds for this issue.Show less
CVE-2023-25152 1Pterodactyl 1Wings Nov 21, 2024 Feb 8, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Wings is Pterodactyl's server control plane. Affected versions are subject to a vulnerability which can be used to create new files and directory structures on the host system that previously did not exist, potentially a...Show more Wings is Pterodactyl's server control plane. Affected versions are subject to a vulnerability which can be used to create new files and directory structures on the host system that previously did not exist, potentially allowing attackers to change their resource allocations, promote their containers to privileged mode, or potentially add ssh authorized keys to allow the attacker access to a remote shell on the target machine. In order to use this exploit, an attacker must have an existing "server" allocated and controlled by the Wings Daemon. This vulnerability has been resolved in version `v1.11.3` of the Wings Daemon, and has been back-ported to the 1.7 release series in `v1.7.3`. Anyone running `v1.11.x` should upgrade to `v1.11.3` and anyone running `v1.7.x` should upgrade to `v1.7.3`. There are no known workarounds for this vulnerability. ### Workarounds None at this time. Show less
CVE-2022-42291 1Nvidia 1Geforce Experience Nov 21, 2024 Feb 7, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 NVIDIA GeForce Experience contains a vulnerability in the installer, where a user installing the NVIDIA GeForce Experience software may inadvertently delete data from a linked location, which may lead to data tampering....Show more NVIDIA GeForce Experience contains a vulnerability in the installer, where a user installing the NVIDIA GeForce Experience software may inadvertently delete data from a linked location, which may lead to data tampering. An attacker does not have explicit control over the exploitation of this vulnerability, which requires the user to explicitly launch the installer from the compromised directory. Show less
CVE-2020-36657 1Uptimed Project 1Uptimed Apr 1, 2025 Jan 26, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 uptimed before 0.4.6-r1 on Gentoo allows local users (with access to the uptimed user account) to gain root privileges by creating a hard link within the /var/spool/uptimed directory, because there is an unsafe chown -R...Show more uptimed before 0.4.6-r1 on Gentoo allows local users (with access to the uptimed user account) to gain root privileges by creating a hard link within the /var/spool/uptimed directory, because there is an unsafe chown -R call.Show less
CVE-2023-20008 1Cisco 3Roomos Telepresence Collaboration EndpointTelepresence Tc Nov 21, 2024 Jan 20, 2023 N/A· v4 7.1 HIGH· v3 N/A· v2 A vulnerability in the CLI of Cisco TelePresence CE and RoomOS Software could allow an authenticated, local attacker to overwrite arbitrary files on the local system of an affected device. This vulnerability is due to...Show more A vulnerability in the CLI of Cisco TelePresence CE and RoomOS Software could allow an authenticated, local attacker to overwrite arbitrary files on the local system of an affected device. This vulnerability is due to improper access controls on files that are in the local file system. An attacker could exploit this vulnerability by placing a symbolic link in a specific location on the local file system of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the affected device.Show less
CVE-2022-45440 1Zyxel 1Ax7501 B0 Firmware Dec 17, 2025 Jan 17, 2023 N/A· v4 4.4 MEDIUM· v3 N/A· v2 A vulnerability exists in the FTP server of the Zyxel AX7501-B0 firmware prior to V5.17(ABPC.3)C0, which processes symbolic links on external storage media. A local authenticated attacker with administrator privileges co...Show more A vulnerability exists in the FTP server of the Zyxel AX7501-B0 firmware prior to V5.17(ABPC.3)C0, which processes symbolic links on external storage media. A local authenticated attacker with administrator privileges could abuse this vulnerability to access the root file system by creating a symbolic link on external storage media, such as a USB flash drive, and then logging into the FTP server on a vulnerable device.Show less
CVE-2022-3592 2Fedoraproject Samba 2Fedora Samba Apr 8, 2025 Jan 12, 2023 N/A· v4 6.5 MEDIUM· v3 N/A· v2 A symlink following vulnerability was found in Samba, where a user can create a symbolic link that will make 'smbd' escape the configured share path. This flaw allows a remote user with access to the exported part of the...Show more A symlink following vulnerability was found in Samba, where a user can create a symbolic link that will make 'smbd' escape the configured share path. This flaw allows a remote user with access to the exported part of the file system under a share via SMB1 unix extensions or NFS to create symlinks to files outside the 'smbd' configured share path and gain access to another restricted server's filesystem.Show less
CVE-2023-21760 1Microsoft 10Windows 10 Windows 11Windows 7+7 more Nov 21, 2024 Jan 10, 2023 N/A· v4 7.1 HIGH· v3 N/A· v2 Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2023-21725 1Microsoft 1Windows Malicious Software Removal Tool Nov 21, 2024 Jan 10, 2023 N/A· v4 6.3 MEDIUM· v3 N/A· v2 Windows Malicious Software Removal Tool Elevation of Privilege Vulnerability
CVE-2023-21678 1Microsoft 15Windows 10 1607 Windows 10 1809Windows 10 20h2+12 more Nov 21, 2024 Jan 10, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2023-21542 1Microsoft 9Windows 10 1607 Windows 7Windows 8.1+6 more Nov 21, 2024 Jan 10, 2023 N/A· v4 7.0 HIGH· v3 N/A· v2 Windows Installer Elevation of Privilege Vulnerability
CVE-2022-38482 1Mega 1Hopex May 30, 2025 Jan 10, 2023 N/A· v4 4.3 MEDIUM· v3 N/A· v2 A link-manipulation issue was discovered in Mega HOPEX 15.2.0.6110 before V5CP4.
CVE-2022-36943 1Ziparchive Project 1Ziparchive Jan 28, 2026 Jan 3, 2023 N/A· v4 8.1 HIGH· v3 N/A· v2 SSZipArchive versions 2.5.3 and older contain an arbitrary file write vulnerability due to lack of sanitization on paths which are symlinks. SSZipArchive will overwrite files on the filesystem when opening a malicious ZI...Show more SSZipArchive versions 2.5.3 and older contain an arbitrary file write vulnerability due to lack of sanitization on paths which are symlinks. SSZipArchive will overwrite files on the filesystem when opening a malicious ZIP containing a symlink as the first item.Show less
CVE-2021-4287 1Microsoft 1Binwalk Nov 21, 2024 Dec 27, 2022 N/A· v4 6.5 MEDIUM· v3 N/A· v2 A vulnerability, which was classified as problematic, was found in ReFirm Labs binwalk up to 2.3.2. Affected is an unknown function of the file src/binwalk/modules/extractor.py of the component Archive Extraction Handler...Show more A vulnerability, which was classified as problematic, was found in ReFirm Labs binwalk up to 2.3.2. Affected is an unknown function of the file src/binwalk/modules/extractor.py of the component Archive Extraction Handler. The manipulation leads to symlink following. It is possible to launch the attack remotely. Upgrading to version 2.3.3 is able to address this issue. The name of the patch is fa0c0bd59b8588814756942fe4cb5452e76c1dcd. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216876.Show less
CVE-2022-45798 1Trendmicro 1Apex One Apr 15, 2025 Dec 24, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 A link following vulnerability in the Damage Cleanup Engine component of Trend Micro Apex One and Trend Micro Apex One as a Service could allow a local attacker to escalate privileges by creating a symbolic link and abus...Show more A link following vulnerability in the Damage Cleanup Engine component of Trend Micro Apex One and Trend Micro Apex One as a Service could allow a local attacker to escalate privileges by creating a symbolic link and abusing the service to delete a file. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.Show less
CVE-2022-45412 1Mozilla 3Firefox Firefox EsrThunderbird Apr 15, 2025 Dec 22, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 When resolving a symlink such as <code>file:///proc/self/fd/1</code>, an error message may be produced where the symlink was resolved to a string containing unitialized memory in the buffer. <br>This bug only affects Th...Show more When resolving a symlink such as <code>file:///proc/self/fd/1</code>, an error message may be produced where the symlink was resolved to a string containing unitialized memory in the buffer. <br>This bug only affects Thunderbird on Unix-based operated systems (Android, Linux, MacOS). Windows is unaffected.*. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.Show less

Previous 1...262728...76 Next