CVE Catalog
CVE-2020-7211
LowSummary
In version 4.1.0 of the libslirp library, used in QEMU 4.2.0, there is a vulnerability that allows directory traversal attacks on Windows systems.
Risk Assessment
An attacker may gain access to files outside the allowed directory, potentially leading to the disclosure of sensitive data or system compromise.
Recommendation
It is recommended to update libslirp to the latest version to mitigate the risks associated with this vulnerability.
Original NVD description (English source)
tftp.c in libslirp 4.1.0, as used in QEMU 4.2.0, does not prevent ..\ directory traversal on Windows.

