Path traversal in TYPO3 CMS's GeneralUtility::isAllowedAbsPath() allows authenticated administrator-level users to define File Abstraction Layer (FAL) storage roots that resolve to directories outside the project root. Affected versions span all active TYPO3 branches: before 10.4.57, 11.0.0-11.5.51, 12.0.0-12.4.46, 13.0.0-13.4.31, and 14.0.0-14.3.3. No public exploit code has been identified at time of analysis, and this vulnerability is not listed in the CISA KEV catalog; the CVSS 4.0 score of 2.1 reflects the severe privilege and prerequisite constraints that substantially limit real-world impact.
Unrestricted file upload in Dcat-Admin up to 2.2.3-beta allows remote attackers with high privileges - or potentially with authentication bypass - to upload arbitrary files via the editorMDUpload function at the /admin/dcat-api/editor-md/upload endpoint on the User Setting Page. The vulnerability stems from improper access control (CWE-284) on the editormd-image-file parameter, enabling upload of potentially malicious file types. Publicly available exploit code exists (CVSS E:P confirmed), though no active exploitation is listed in CISA KEV. The low CVSS 4.0 base score of 2.0 reflects constrained impact scope, but the 'Authentication Bypass' tag warrants additional scrutiny of the effective privilege requirement.
Integrity controls on multiple NETGEAR router firmware lines can be subverted by authenticated administrators on the local network through improper input validation (CWE-20), enabling privilege escalation beyond the intended administrative authorization boundary and permitting unauthorized modifications to router software and functionality. Twenty distinct NETGEAR SKUs across the R7000, RAX, RAXE, and XR1000 series are confirmed affected per ENISA EUVD-2026-35452, each with specific patched firmware thresholds now released by the vendor. No public exploit exists at time of analysis (CVSS E:U), and multiple CVSS constraints - adjacent-only attack vector, high complexity, and high privilege requirement - substantially limit the realistic threat population.