HIGH🇬🇧 English

CVE-2023-22629

CVSS 8.8v3.1pub. 2023-02-14upd. 2025-03-20

An issue was discovered in TitanFTP through 1.94.1205. The move-file function has a path traversal vulnerability in the newPath parameter. An authenticated attacker can upload any file and then move it anywhere on the server's filesystem.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Southrivertech Titan Ftp Server

    APP
    Southrivertech
    ≤ 1.94.1205
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Path Traversal
CWE
Referencje

Powiązane podatności

CVE-2023-45690MEDIUM4.9ten sam produkt

Default file permissions on South River Technologies' Titan MFT and Titan SFTP servers on Linux allows a user ...

CVE-2022-44215MEDIUM6.1ten sam produkt

There is an open redirect vulnerability in Titan FTP server 19.0 and below. Users are redirected to any target...

CVE-2019-10009MEDIUM6.5ten sam produkt

A Directory Traversal issue was discovered in the Web GUI in Titan FTP Server 2019 Build 3505. When an authent...

CVE-2014-1842MEDIUM5.0ten sam produkt

Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remo...

CVE-2014-1841MEDIUM5.0ten sam produkt

Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remo...