Описание
WFTPD and WFTPD Pro 2.41 allows remote attackers to obtain the real pathname for a file by executing a STATUS (STAT) command while the file is being transferred.
Ссылки
- PatchVendor Advisory
- ExploitPatchVendor Advisory
- PatchVendor Advisory
- ExploitPatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:texas_imperial_software:wftpd:2.4.1:*:*:*:*:*:*:*
cpe:2.3:a:texas_imperial_software:wftpd:2.4.1_rc11:*:*:*:*:*:*:*
cpe:2.3:a:texas_imperial_software:wftpd:2.34:*:*:*:*:*:*:*
cpe:2.3:a:texas_imperial_software:wftpd:2.40:*:*:*:*:*:*:*
EPSS
Процентиль: 72%
0.00721
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
WFTPD and WFTPD Pro 2.41 allows remote attackers to obtain the real pathname for a file by executing a STATUS (STAT) command while the file is being transferred.
EPSS
Процентиль: 72%
0.00721
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other