Path Traversal: '../filedir' in Graylog - CVE-2023-41044

Published: July 5, 2023 / Updated: June 25, 2026


Vulnerability identifier: #VU135308
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2023-41044
CWE-ID: CWE-24
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Graylog
Affected software:
Graylog

Detailed vulnerability description

The vulnerability allows a remote user to disclose sensitive information or delete files.

The vulnerability exists due to path traversal in the Support Bundle HTTP API resource when handling crafted filename parameters. A remote user can send a specially crafted request to disclose sensitive information or delete files.

Exploitation requires valid Admin role credentials and is limited to sibling directories whose names begin with the support bundle directory path.
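The restriction noted above (only sibling directories whose names begin with the support bundle directory path) is the fingerprint of a containment check done as a plain string prefix match. As an added Python illustration, not Graylog's own code (Graylog is a Java project; the function names and directory layout below are assumptions), the block models that weak check beside a hardened one and runs both against a constructed directory layout:

```python
import os
import shutil
import tempfile


def within_bundle_dir_weak(base_dir: str, filename: str) -> bool:
    """Containment check done as a plain string prefix (the flawed pattern).
    Any resolved path that merely *starts with* the bundle directory string
    passes, so a sibling such as '<base>-archive' is accepted."""
    base = os.path.realpath(base_dir)
    target = os.path.realpath(os.path.join(base, filename))
    return target.startswith(base)


def within_bundle_dir_hardened(base_dir: str, filename: str) -> bool:
    """Hardened check: accept only a bare file name that resolves inside base.
    1. Reject empty names, '.', '..' and anything containing a separator.
    2. Resolve symlinks and '..', then compare path components, not characters."""
    if not filename or filename in (".", "..") or os.path.basename(filename) != filename:
        return False
    base = os.path.realpath(base_dir)
    target = os.path.realpath(os.path.join(base, filename))
    return os.path.commonpath([base, target]) == base


def demo() -> dict:
    """Constructed layout: <tmp>/support-bundles plus the sibling
    <tmp>/support-bundles-archive, whose name begins with the bundle path."""
    root = tempfile.mkdtemp()
    try:
        base = os.path.join(root, "support-bundles")
        os.makedirs(base)
        os.makedirs(base + "-archive")
        # Constructed request value: climbs one level into the look-alike sibling.
        sibling = os.path.join("..", "support-bundles-archive", "old.zip")
        parent = os.path.join("..", "..", "etc", "passwd")
        return {
            "weak_accepts_sibling": within_bundle_dir_weak(base, sibling),
            "weak_accepts_parent": within_bundle_dir_weak(base, parent),
            "hardened_accepts_sibling": within_bundle_dir_hardened(base, sibling),
            "hardened_accepts_plain": within_bundle_dir_hardened(base, "bundle-1.zip"),
        }
    finally:
        shutil.rmtree(root, ignore_errors=True)


if __name__ == "__main__":
    for name, accepted in demo().items():
        print(f"{name}: {accepted}")
```

The weak check rejects a climb to an unrelated directory but lets the look-alike sibling through, which matches the scope limit stated in the description; the hardened check rejects both while still accepting an ordinary bundle file name.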


How to mitigate CVE-2023-41044

Install the security update from the vendor's website.

Sources