Severity by source
AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H
Lifecycle Timeline
4DescriptionCVE.org
A directory traversal arbitrary file deletion vulnerability exists in HPE StoreOnce Software.
Analysis
A directory traversal arbitrary file deletion vulnerability exists in HPE StoreOnce Software.
Technical ContextAI
Path traversal allows an attacker to access files outside the intended directory by manipulating file paths with sequences like '../'.
RemediationAI
Validate and sanitize file path inputs. Use a whitelist of allowed files or directories. Implement chroot jails or containerization.
More in Storeonce System
View allCommand Injection Rce (3Rd) in HPE StoreOnce backup storage software. One of 6 critical CVEs.
Command Injection Rce (2Nd) in HPE StoreOnce backup storage software. One of 6 critical CVEs.
Command Injection Rce in HPE StoreOnce backup storage software. One of 6 critical CVEs.
Directory Traversal in HPE StoreOnce backup storage software. One of 6 critical CVEs.
Ssrf in HPE StoreOnce backup storage software. One of 6 critical CVEs.
Auth Bypass in HPE StoreOnce backup storage software. One of 6 critical CVEs.
Command injection remote code execution vulnerability in HPE StoreOnce Software that allows authenticated attackers with
Same weakness CWE-22 – Path Traversal
View allSame technique Path Traversal
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-16658