Filtered by CWE-552
Filtered by vendor Subscriptions
Total 345 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-39581 1 Dell 2 Insightiq, Powerscale Insightiq 2024-09-16 7.3 High
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a File or Directories Accessible to External Parties vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability to read, modify, and delete arbitrary files.
CVE-2024-3913 1 Phoenixcontact 12 Charx Sec-3000, Charx Sec-3000 Firmware, Charx Sec-3050 and 9 more 2024-09-13 7.5 High
An unauthenticated remote attacker can use this vulnerability to change the device configuration due to a file writeable for short time after system startup.
CVE-2024-8655 1 Mercurycom 1 Mnvr816 Firmware 2024-09-12 5.3 Medium
A vulnerability was found in Mercury MNVR816 up to 2.0.1.0.5. It has been classified as problematic. This affects an unknown part of the file /web-static/. The manipulation leads to files or directories accessible. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2024-41699 1 Priority-software 1 Priority 2024-09-03 4.4 Medium
Priority – CWE-552: Files or Directories Accessible to External Parties
CVE-2024-7729 1 Cayintech 15 Cms-20, Cms-60, Cms-se and 12 more 2024-08-16 7.5 High
The CAYIN Technology CMS lacks proper access control, allowing unauthenticated remote attackers to download arbitrary CGI files.