Insufficient Path Check in AccountsService Allows Directory Traversal
CVE-2018-14036 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:N/A:N
Directory Traversal with ../ sequences occurs in AccountsService before 0.6.50 because of an insufficient path check in user_change_icon_file_authorized_cb() in user.c.
Learn more about our User Device Pen Test.