HIGH
Hackplayers
CVE published 2026-06-17
CVE-2026-55201
CVE-2026-55201 is a high-severity path traversal vulnerability in Evil-WinRM, a tool for remote Windows management. The vulnerability, fixed in commit 6ecd570, allows a rogue or compromised remote Windows server to write files outside the intended download directory. This is achieved by exploiting the download_dir() function, which fails to sanitize filenames with traversal sequences from Get-ChildItem co [truncated]