Smithery.ai fixes path traversal flaw that exposed 3,000 MCP servers
submitted by /u/NISMO1968 [link] [comments]
Articles tagged with: #path-traversal
Clear filter
AutomationDirect Productivity Suite
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : AutomationDirect Equipment : Productivity Suite Vulnerabilities : Relative Path Traversal, Weak Password Recovery Mechanism for Forgotten Password, Incorrect Permission Assignment for Critical Resource, Binding to an Unrestricted IP Address 2. RISK EVALUATION Successful exploitation of these vulnerabilities could enable an attacker to execute arbitrary code, disclose information, gain...
Jira Software Vulnerability Let Attacker Modify Any Filesystem Path Writable By JVM process
Atlassian has disclosed a high-severity path traversal vulnerability in Jira Software Data Center and Server that enables authenticated attackers to arbitrarily write files to any path accessible by the Java Virtual Machine (JVM) process. This flaw, tracked as CVE-2025-22167 with a CVSS score of 8.7, affects versions from 9.12.0 through 11.0.1 and was internally discovered,
From Path Traversal to Supply Chain Compromise: Breaking MCP Server Hosting
submitted by /u/mabote [link] [comments]
Path Traversal 2.0: Escaping Containers and Reading /etc/passwd in 2025 📁
submitted by /u/JadeLuxe [link] [comments]
Rockwell Automation FactoryTalk View Machine Edition and PanelView Plus 7
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : FactoryTalk View Machine Edition and PanelView Plus 7 Vulnerabilities : Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Improper Authorization 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an unauthenticated attacker to access to the device's file system. 3. TECHNICAL DETAILS 3.1 AFFECTED...