CVE-2020-5405— Directory Traversal with spring-cloud-config-server
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2020-5405
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Directory Traversal with spring-cloud-config-server
Source: NVD (National Vulnerability Database)
Vulnerability Description
Spring Cloud Config, versions 2.2.x prior to 2.2.2, versions 2.1.x prior to 2.1.7, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead a directory traversal attack.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
相对路径遍历
Source: NVD (National Vulnerability Database)
Vulnerability Title
Pivotal Software Spring Cloud Config 路径遍历漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Pivotal Software Spring Cloud Config是美国Pivotal Software公司的一套分布式系统的配置管理解决方案。该产品主要为分布式系统中的外部配置提供服务器和客户端支持。 Spring Cloud Config 2.2.2之前的2.2.x版本、2.1.7之前的2.1.x版本和不再支持的老版本中存在路径遍历漏洞。该漏洞源于网络系统或产品未能正确地过滤资源或文件路径中的特殊元素。攻击者可利用该漏洞访问受限目录之外的位置。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Shenlong Deep Dive — AI Deep Analysis
10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Spring by VMware | Spring Cloud Config | 2.2 ~ 2.2.2 | - |
II. Public POCs for CVE-2020-5405
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | Spring Cloud Config versions 2.2.x prior to 2.2.2, 2.1.x prior to 2.1.7, and older unsupported versions are vulnerable to local file inclusion because they allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2020/CVE-2020-5405.yaml | POC Details |
| 2 | None | https://github.com/shoucheng3/spring-cloud__spring-cloud-config_CVE-2020-5405_2-1-6-RELEASE | POC Details |
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2020-5405
请登录查看更多情报信息。
- https://pivotal.io/security/cve-2020-5405x_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2020-5405
IV. Related Vulnerabilities
Same vendor: Spring by VMware
- CVE-2020-5427
Possibility of SQL Injection in Spring Cloud Data Flow Task - CVE-2020-5428
Possibility of SQL Injection in Spring Cloud Task Execution - CVE-2020-5421
RFD Protection Bypass via jsessionid - CVE-2020-5412
Hystrix Dashboard Proxy In spring-cloud-netflix-hystrix-dash - CVE-2020-5413
Kryo Configuration Allows Code Execution with Unknown "Seria
Same weakness: CWE-23
- CVE-2026-8209
Gibbon<30.0.01路径遍历漏洞导致拒绝服务 - CVE-2026-43533
OpenClaw < 2026.4.10 - Arbitrary Local File Read via QQBot M - CVE-2026-43616
Detect-It-Easy < 3.21 Path Traversal Arbitrary File Write - CVE-2026-42085
OpenC3 COSMOS: Arbitrary write to plugins directory via path - CVE-2026-22070
ColorOS Assistant Path Traversal Vulnerability
V. Comments for CVE-2020-5405
No comments yet