Описание
Directory traversal vulnerability in Rhino Software, Inc. FTP Voyager 15.2.0.11, and possibly earlier, allows remote FTP servers to write arbitrary files via a ".." (dot dot backslash) in a filename.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 15.2.0.11 (включая)
Одно из
cpe:2.3:a:rhinosoft:ftp_voyager:*:*:*:*:*:*:*:*
cpe:2.3:a:rhinosoft:ftp_voyager:15.0.0.0:*:*:*:*:*:*:*
cpe:2.3:a:rhinosoft:ftp_voyager:15.0.0.1:*:*:*:*:*:*:*
cpe:2.3:a:rhinosoft:ftp_voyager:15.0.0.2:*:*:*:*:*:*:*
cpe:2.3:a:rhinosoft:ftp_voyager:15.0.0.3:*:*:*:*:*:*:*
cpe:2.3:a:rhinosoft:ftp_voyager:15.1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:rhinosoft:ftp_voyager:15.1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:rhinosoft:ftp_voyager:15.1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:rhinosoft:ftp_voyager:15.1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:rhinosoft:ftp_voyager:15.1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:rhinosoft:ftp_voyager:15.2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:rhinosoft:ftp_voyager:15.2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:rhinosoft:ftp_voyager:15.2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:rhinosoft:ftp_voyager:15.2.0.6:*:*:*:*:*:*:*
cpe:2.3:a:rhinosoft:ftp_voyager:15.2.0.8:*:*:*:*:*:*:*
cpe:2.3:a:rhinosoft:ftp_voyager:15.2.0.9:*:*:*:*:*:*:*
EPSS
Процентиль: 65%
0.00513
Низкий
9.3 Critical
CVSS2
Дефекты
CWE-22
Связанные уязвимости
github
около 3 лет назад
Directory traversal vulnerability in Rhino Software, Inc. FTP Voyager 15.2.0.11, and possibly earlier, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename.
EPSS
Процентиль: 65%
0.00513
Низкий
9.3 Critical
CVSS2
Дефекты
CWE-22