Описание
Directory traversal vulnerability in Golden FTP Server 4.30 Free and Professional, 4.50, and possibly other versions allows remote authenticated users to delete arbitrary files via a .. (dot dot) in the DELE command. NOTE: some of these details are obtained from third party information.
Ссылки
- Broken LinkExploit
- Broken LinkVendor Advisory
- ExploitThird Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Broken LinkExploit
- Broken LinkVendor Advisory
- ExploitThird Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:kmint21:golden_ftp_server:4.30:*:*:*:free:*:*:*
cpe:2.3:a:kmint21:golden_ftp_server:4.50:*:*:*:professional:*:*:*
EPSS
Процентиль: 82%
0.01812
Низкий
8.1 High
CVSS3
6 Medium
CVSS2
Дефекты
CWE-22
Связанные уязвимости
CVSS3: 8.1
github
почти 4 года назад
Directory traversal vulnerability in Golden FTP Server 4.30 Free and Professional, 4.50, and possibly other versions allows remote authenticated users to delete arbitrary files via a .. (dot dot) in the DELE command. NOTE: some of these details are obtained from third party information.
EPSS
Процентиль: 82%
0.01812
Низкий
8.1 High
CVSS3
6 Medium
CVSS2
Дефекты
CWE-22