# Security Updates - CVE-2020-13818 | ManageEngine OpUtils

## CVE-2020-13818

### Directory Traversal validation was being bypassed when using <cachestart>

| Vulnerability Details |  |
|---|---|
| Impact | **CVSS V3 rating: NA** |
| Reported | 26th May 2020 |
| Reported by | Reported by Yazhi Wang of Trend Micro and zerodayinitiative |
| Fixed | June 01, 2020 |
| Affected Builds | → Builds till 125143 |
| Fixed in | Builds 125144 |
| Overview | Directory Traversal validation was being bypassed when using <cachestart> |
| Recommended Fix | **→ For builds 12.5.143 & above, please upgrade to [OpUtils version 12.5.144](https://www.manageengine.com/products/oputils/service-packs.html?12116cve) or above.** |

### Description

Directory Traversal validation was being bypassed when using. This issue has now been fixed.

We recommend that you upgrade to [OpUtils version 12.5.144](https://www.manageengine.com/products/oputils/service-packs.html?12116cve) or contact our support team at [oputils-support@manageengine.com](mailto:oputils-support@manageengine.com) to fix this issue.

**Source and Acknowledgements**

Find out more about CVE-2020-13818 from the [CVE dictionary](https://nvd.nist.gov/vuln/detail/CVE-2020-13818).

### Need Help?

For clarification or corrections please contact our [support team](https://www.manageengine.com/network-monitoring/support.html) or email us at [oputils-support@manageengine.com](mailto:oputils-support@manageengine.com).