Описание
Directory traversal vulnerability in X-Diesel Unreal Commander 0.92 build 565 and 573 allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a filename. NOTE: this can be leveraged for code execution by writing to a Startup folder.
Ссылки
- Exploit
- Exploit
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:x-diesel:unreal_commander:0.92_build565:*:*:*:*:*:*:*
cpe:2.3:a:x-diesel:unreal_commander:0.92_build573:*:*:*:*:*:*:*
EPSS
Процентиль: 90%
0.05379
Низкий
5.8 Medium
CVSS2
Дефекты
CWE-22
Связанные уязвимости
github
почти 4 года назад
Directory traversal vulnerability in X-Diesel Unreal Commander 0.92 build 565 and 573 allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a filename. NOTE: this can be leveraged for code execution by writing to a Startup folder.
EPSS
Процентиль: 90%
0.05379
Низкий
5.8 Medium
CVSS2
Дефекты
CWE-22