Description
The product contains protection mechanisms to restrict access to \'realdir/filename\', but it constructs pathnames using external input in the form of \'fakedir/../realdir/filename\' that are not handled by those mechanisms. This allows attackers to perform unauthorized actions against the targeted file.
Latest vulnerabilities for CWE-57
No vulnerabilities found using your search criteria
References
Description of CWE-57 on Mitre website