Main Vulnerability Database SB2021092901

SB2021092901 - Path traversal in PHP

Published: September 29, 2021 Updated: September 30, 2021

Security Bulletin ID SB2021092901

Severity

Medium

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Absolute Path Traversal (CVE-ID: CVE-2021-21706)

The vulnerability allows a remote attacker overwrite files on the system.

The vulnerability exists due to insufficient filtration of file names in the php_zip_make_relative_path() function on Windows systems. A remote attacker can construct a specially crafted ZIP archive, which once extracted by the ZipArchive::extractTo() function, can overwrite files outside of the destination directory.

Successful exploitation of the vulnerability may allow an attacker to overwrite arbitrary files on the system with privileges of the web server, but requires that the web application is running on Windows.

Remediation

Install update from vendor's website.

SB2021092901 - Path traversal in PHP

Breakdown by Severity

Description

Remediation

References

Please verify you're human