CVE-2021-41072

EPSS 3.58% · P88 Updated Feb 25, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-41072

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different vulnerability than CVE-2021-40153. A squashfs filesystem that has been crafted to include a symbolic link and then contents under the same filename in a filesystem can cause unsquashfs to first create the symbolic link pointing outside the expected directory, and then the subsequent write operation will cause the unsquashfs process to write through the symbolic link elsewhere in the filesystem.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

squashfs-tools 后置链接漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

squashfs-tools是一个开源软件包。 Squashfs-Tools 4.5 中 unsquash-2.c 中的 squashfs_opendir存在安全漏洞，该漏洞源于一个经过精心设计的squashfs文件系统包含一个符号链接，然后文件系统中相同文件名下的内容会导致unsquashfs首先创建指向预期目录之外的符号链接，然后随后的写操作将导致unsquashfs进程写入通过文件系统中其他地方的符号链接。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2021-41072

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2021-41072

请登录查看更多情报信息。

Same Patch Batch · n/a · 2021-09-14 · 40 CVEs total

CVE-2021-23047		F5 BIG-IP APM资源管理错误漏洞
CVE-2020-21050		Libsixel缓冲区错误漏洞
CVE-2020-21049		libsixel缓冲区错误漏洞
CVE-2020-21048		libsixel 安全漏洞
CVE-2021-41077		Travis CI 安全漏洞
CVE-2021-23042		F5 BIG-IP资源管理错误漏洞
CVE-2021-23040		F5 BIG-IP APM和F5 BIG-IP SQL注入漏洞
CVE-2021-23043		F5 BIG-IP 路径遍历漏洞
CVE-2021-23046		F5 BIG-IP 日志信息泄露漏洞
CVE-2021-23041		F5 BIG-IP 跨站脚本漏洞
CVE-2021-23044		F5 BIG-IP 输入验证错误漏洞
CVE-2021-23049		F5 BIG-IP资源管理错误漏洞
CVE-2021-23048		F5 BIG-IP输入验证错误漏洞
CVE-2021-23050		F5 BIG-IP 跨站请求伪造漏洞
CVE-2021-23053		F5 BIG-IP 资源管理错误漏洞
CVE-2021-23052		F5 BIG-IP APM输入验证错误漏洞
CVE-2021-23051		F5 BIG-IP输入验证错误漏洞
CVE-2021-36581		Kooboo代码问题漏洞
CVE-2021-36582		Kooboo 代码问题漏洞
CVE-2021-32202		CS-Cart 跨站脚本漏洞

Showing top 20 of 40 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2021-41072

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2021-41072

I. Basic Information for CVE-2021-41072

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2021-41072

III. Intelligence Information for CVE-2021-41072

Same Patch Batch · n/a · 2021-09-14 · 40 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2021-41072

Leave a comment