CVE-2021-31800 log

Severity Medium
Remote Yes
Type Directory traversal
Multiple path traversal vulnerabilities exist in in Impacket before version 0.9.23. An attacker that connects to a running smbserver instance can list and write to arbitrary files via ../ directory traversal. This could potentially be abused to achieve arbitrary code execution by replacing /etc/shadow or an SSH authorized key.
Group Package Affected Fixed Severity Status Ticket
AVG-1916 impacket 0.9.22-1 0.9.23-1 Medium Fixed FS#70714
Date Advisory Group Package Severity Type
21 Jul 2021 ASA-202107-56 AVG-1916 impacket Medium directory traversal