CVE-2024-37372
NONE EPSS 35.5%
Published Jan 9, 20251y ago · Modified Jun 17, 20262w ago
Published Jan 9, 2025 1y ago
Last Modified Jun 17, 2026 2w ago
Description
The Permission Model assumes that any path starting with two backslashes \ has a four-character prefix that can be ignored, which is not always true. This subtle bug leads to vulnerable edge cases.
Threat Intelligence
EPSS Exploit Probability
35.5% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-22 Path Traversal Resource Mgmt
References 3
- openwall.com http://www.openwall.com/lists/oss-security/2024/07/11/6
- openwall.com http://www.openwall.com/lists/oss-security/2024/07/19/3
- security.netapp.com https://security.netapp.com/advisory/ntap-20250502-0010/
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.