PT-2026-21008 · Tftp+2 · Tftp+2
Jakub Witczak
+2
·
Published
2026-02-20
·
Updated
2026-04-22
·
CVE-2026-21620
CVSS v4.0
2.3
Low
| Vector | AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions
erlang otp versions 1.0 through 6.9
erlang otp version 17.0
erlang otp versions prior to 7.0
Description
The software contains a Relative Path Traversal and Improper Isolation or Compartmentalization issue. The issue is associated with program files
lib/tftp/src/tftp file.erl and src/tftp file.erl. The vulnerability affects the tftp file modules within erlang/otp, inets, and tftp.Recommendations
erlang otp versions 1.0 through 6.9: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
erlang otp version 17.0: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
erlang otp versions prior to 7.0: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Relative Path Traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Erlang/Otp
Inets
Tftp