CWE-59

Digi ConnectPort X2e before 3.2.30.6 allows an attacker to escalate privileges from the python user to root via a symlink attack that uses chown, related to /etc/init.d/S50dropbear.sh and the /WEB/python/.ssh directory.

Avira Antivirus before 5.0.2003.1821 on Windows allows privilege escalation or a denial of service via abuse of a symlink.

The decompress package before 4.2.1 for Node.js is vulnerable to Arbitrary File Write via ../ in an archive member, when a symlink is used, because of Directory Traversal.

fr-archive-libarchive.c in GNOME file-roller through 3.36.1 allows Directory Traversal during extraction because it lacks a check of whether a file’s parent is a symlink to a directory outside of the intended extraction location.

The Zoom IT installer for Windows (ZoomInstallerFull.msi) prior to version 4.6.10 deletes files located in %APPDATA%Zoom before installing an updated version of the client. Standard users are able to write to this directory, and can write links to other directories on the machine. As the installer runs with SYSTEM privileges and follows these links, a user can cause the installer to delete files that otherwise cannot be deleted by the user.