CVE-2020-37214
Awaiting Analysis Awaiting Analysis - Queue
Directory Traversal in Voyager 1.3.0 Allows Sensitive File Access

Publication date: 2026-02-11

Last updated on: 2026-02-12

Assigner: VulnCheck

Description
Voyager 1.3.0 contains a directory traversal vulnerability that allows attackers to access sensitive system files by manipulating the asset path parameter. Attackers can exploit the path parameter in /admin/voyager-assets to read arbitrary files like /etc/passwd and .env configuration files.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-11
Last Modified
2026-02-12
Generated
2026-06-16
AI Q&A
2026-02-11
EPSS Evaluated
2026-06-15
NVD
CVE-2020-37214
EUVD
EUVD-2020-31175
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
the_control_group voyager to 1.3.0 (inc)
the_control_group voyager From 1.0.0 (inc) to 1.3.0 (inc)
the_voyager voyager 1.3.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-22 The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

[{'type': 'paragraph', 'content': "CVE-2020-37214 is a directory traversal vulnerability in Voyager version 1.3.0 and earlier. It exists in the asset path parameter of the /admin/voyager-assets endpoint. The vulnerability arises because the application attempts to sanitize the user-supplied path parameter by removing '../' and './' sequences, but this sanitization is insufficient. Attackers can craft encoded payloads that bypass these filters and traverse directories outside the intended assets folder."}, {'type': 'paragraph', 'content': 'By exploiting this flaw, an attacker can read arbitrary files on the server, including sensitive system files such as /etc/passwd and Laravel environment configuration files like .env. The vulnerability allows remote attackers to access these files without any privileges or user interaction.'}] [1, 3]

Impact Analysis

This vulnerability can have serious impacts as it allows attackers to read sensitive files on the server remotely without any authentication or user interaction.

  • Exposure of sensitive system files such as /etc/passwd, which can reveal user account information.
  • Access to configuration files like .env, which may contain database credentials, API keys, and other secrets.
  • Potentially enabling further attacks by gathering critical information about the system and application environment.

The vulnerability has a high severity score (CVSS v4 base score 8.7), indicating a high confidentiality impact with no required privileges or user interaction.

Detection Guidance

[{'type': 'paragraph', 'content': 'This vulnerability can be detected by attempting to exploit the directory traversal flaw in the /admin/voyager-assets endpoint by manipulating the path parameter to access sensitive files such as /etc/passwd or .env.'}, {'type': 'paragraph', 'content': 'A practical detection method is to send crafted HTTP requests to the vulnerable endpoint with encoded directory traversal payloads that bypass the insufficient sanitization. For example, using curl commands to request files outside the intended directory.'}, {'type': 'list_item', 'content': 'curl -v "http://<target>/admin/voyager-assets?path=.....%2F%2F%2Fetc%2Fpasswd"'}, {'type': 'list_item', 'content': 'curl -v "http://<target>/admin/voyager-assets?path=.....%2F%2F%2F.env"'}, {'type': 'paragraph', 'content': 'If the server responds with the contents of these sensitive files, it confirms the presence of the vulnerability.'}] [1]

Compliance Impact

I don't know

Mitigation Strategies

Immediate mitigation steps include upgrading Voyager to a version later than 1.3.0 where this vulnerability is fixed or applying patches that properly sanitize the path parameter to prevent directory traversal.

If upgrading is not immediately possible, restrict access to the /admin/voyager-assets endpoint via firewall rules or web server configuration to trusted IP addresses only.

Additionally, monitor logs for suspicious requests containing encoded traversal sequences targeting the path parameter and respond accordingly.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2020-37214. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart