MEDIUM🇵🇱 Wersja polska

CVE-2019-10009

CVSS 6.5v3.0pub. 2019-06-03upd. 2024-11-21

A Directory Traversal issue was discovered in the Web GUI in Titan FTP Server 2019 Build 3505. When an authenticated user attempts to preview an uploaded file (through PreviewHandler.ashx) by using a \..\..\ technique, arbitrary files can be loaded in the server response outside the root directory.

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  • Southrivertech Titan Ftp Server

    APP
    Southrivertech
    2019
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Path Traversal
CWE
References

Related vulnerabilities

CVE-2023-22629HIGH8.8ten sam produkt

An issue was discovered in TitanFTP through 1.94.1205. The move-file function has a path traversal vulnerabili...

CVE-2023-45690MEDIUM4.9ten sam produkt

Default file permissions on South River Technologies' Titan MFT and Titan SFTP servers on Linux allows a user ...

CVE-2022-44215MEDIUM6.1ten sam produkt

There is an open redirect vulnerability in Titan FTP server 19.0 and below. Users are redirected to any target...

CVE-2014-1842MEDIUM5.0ten sam produkt

Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remo...

CVE-2014-1841MEDIUM5.0ten sam produkt

Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remo...