How to fix CVE-2021-47755?

Within 7 days: Identify all affected systems and apply vendor patches promptly. Review file handling controls and restrict upload directories.

Is Oliver V5 Library affected by CVE-2021-47755?

Organizations using Oliver Library Server v5 face notable risk from CVE-2021-47755, a path traversal vulnerability rated CVSS 7.5. This could allow attackers to access or modify files outside intended directories, potentially exposing sensitive configuration or credentials.

CVE-2021-47755

HIGH

2026-01-15 [email protected]

7.5

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:54 vuln.today

PoC Detected

Jan 26, 2026 - 16:15 vuln.today

Public exploit code

CVE Published

Jan 15, 2026 - 16:16 nvd

HIGH 7.5

Description

Oliver Library Server v5 contains a file download vulnerability that allows unauthenticated attackers to access arbitrary system files through unsanitized input in the FileServlet endpoint. Attackers can exploit the vulnerability by manipulating the 'fileName' parameter to download sensitive files from the server's filesystem.

Analysis

Technical Context

Classified as CWE-22 (Path Traversal). Affects the FileServlet component of Oliver V5 Library. Oliver Library Server v5 contains a file download vulnerability that allows unauthenticated attackers to access arbitrary system files through unsanitized input in the FileServlet endpoint. Attackers can exploit the vulnerability by manipulating the 'fileName' parameter to download sensitive files from the server's filesystem.

Affected Products

Vendor: Softlinkint. Product: Oliver V5 Library. Component: FileServlet.

Remediation

Monitor vendor advisories for a patch. Validate and sanitize file path inputs. Use allowlists. Restrict network access to the affected service where possible.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.1

CVSS: +38

POC: +20

CVE-2021-47755 vulnerability details – vuln.today

Back

CVE-2021-47755

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

CVE-2021-47755

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code