CRITICAL🇵🇱 Wersja polska

CVE-2025-46093

CVSS 9.9v3.1pub. 2025-08-04upd. 2025-08-07

LiquidFiles before 4.1.2 supports FTP SITE CHMOD for mode 6777 (setuid and setgid), which allows FTPDrop users to execute arbitrary code as root by leveraging the Actionscript feature and the sudoers configuration.

🤖 AI Analysis
How it works

LiquidFiles supports the FTP SITE CHMOD command, which allows changing file permissions on the FTP server. An attacker who is an FTPDrop user can set the setuid and setgid bits (mode 6777) on a selected file and then use the Actionscript function and sudoers configuration to run this file with root privileges. The combination of an available FTP channel, permissive sudo configuration, and lack of restrictions on setting setuid/setgid bits creates a complete privilege escalation path to execute arbitrary code.

Impact

An authenticated FTPDrop user can execute arbitrary code as root, which means complete takeover of the server — including data theft, backdoor installation, and system modification or destruction.

Mitigation & patch

LiquidFiles should be updated to version 4.1.2 or later, in which the vulnerability has been removed. Details are available in the official release notes from the vendor at https://docs.liquidfiles.com/release_notes/version_4-1-x.html

Who is affected

LiquidFiles in versions prior to 4.1.2

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
  • Liquidfiles

    APP
    Liquidfiles
    < 4.1.2
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2020-29071CRITICAL9.0ten sam produkt

An XSS issue was found in the Shares feature of LiquidFiles before 3.3.19. The issue arises from the insecure ...

CVE-2025-56132HIGH7.3ten sam produkt

LiquidFiles filetransfer server is vulnerable to a user enumeration issue in its password reset functionality....

CVE-2021-43397HIGH8.8ten sam produkt

LiquidFiles before 3.6.3 allows remote attackers to elevate their privileges from Admin (or User Admin) to Sys...

CVE-2023-4393MEDIUM5.4ten sam produkt

HTML and SMTP injections on the registration page of LiquidFiles versions 3.7.13 and below, allow an attacker ...

CVE-2021-30140MEDIUM5.4ten sam produkt

LiquidFiles 3.4.15 has stored XSS through the "send email" functionality when sending a file via email to an a...