{"containers":{"cna":{"affected":[{"product":"civetweb","vendor":"civetweb_project","versions":[{"lessThan":"unspecified","status":"unaffected","version":"1.15","versionType":"custom"},{"lessThan":"unspecified","status":"affected","version":"1.8","versionType":"custom"}]}],"descriptions":[{"lang":"en","value":"The CivetWeb web library does not validate uploaded filepaths when running on an OS other than Windows, when using the built-in HTTP form-based file upload mechanism, via the mg_handle_form_request API. Web applications that use the file upload form handler, and use parts of the user-controlled filename in the output path, are susceptible to directory traversal"}],"problemTypes":[{"descriptions":[{"cweId":"CWE-23","description":"CWE-23","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2022-06-14T10:06:41.000Z","orgId":"6b4ace4a-d6e0-415b-9ce8-aa20e97e4b24","shortName":"VDOO"},"references":[{"tags":["x_refsource_MISC"],"url":"https://jfrog.com/blog/cve-2020-27304-rce-via-directory-traversal-in-civetweb-http-server/"},{"tags":["x_refsource_MISC"],"url":"https://groups.google.com/g/civetweb/c/yPBxNXdGgJQ"},{"tags":["x_refsource_CONFIRM"],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"},{"tags":["x_refsource_CONFIRM"],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"vuln@vdoo.com","ID":"CVE-2020-27304","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"civetweb","version":{"version_data":[{"version_affected":"!>=","version_value":"1.15"},{"version_affected":">=","version_value":"1.8"}]}}]},"vendor_name":"civetweb_project"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The CivetWeb web library does not validate uploaded filepaths when running on an OS other than Windows, when using the built-in HTTP form-based file upload mechanism, via the mg_handle_form_request API. Web applications that use the file upload form handler, and use parts of the user-controlled filename in the output path, are susceptible to directory traversal"}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-23"}]}]},"references":{"reference_data":[{"name":"https://jfrog.com/blog/cve-2020-27304-rce-via-directory-traversal-in-civetweb-http-server/","refsource":"MISC","url":"https://jfrog.com/blog/cve-2020-27304-rce-via-directory-traversal-in-civetweb-http-server/"},{"name":"https://groups.google.com/g/civetweb/c/yPBxNXdGgJQ","refsource":"MISC","url":"https://groups.google.com/g/civetweb/c/yPBxNXdGgJQ"},{"name":"https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf","refsource":"CONFIRM","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"},{"name":"https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf","refsource":"CONFIRM","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T16:11:36.691Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"https://jfrog.com/blog/cve-2020-27304-rce-via-directory-traversal-in-civetweb-http-server/"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://groups.google.com/g/civetweb/c/yPBxNXdGgJQ"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf"}]}]},"cveMetadata":{"assignerOrgId":"6b4ace4a-d6e0-415b-9ce8-aa20e97e4b24","assignerShortName":"VDOO","cveId":"CVE-2020-27304","datePublished":"2021-10-21T15:42:23.000Z","dateReserved":"2020-10-19T00:00:00.000Z","dateUpdated":"2024-08-04T16:11:36.691Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}