Monsta FTP versions 2.11 and earlier contain a vulnerability that allows unauthenticated arbitrary file uploads. This flaw enables attackers to execute arbitrary code by uploading a specially crafted file from a malicious (S)FTP server.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XMonstaftp Monsta Ftp
APPMonstaftp≤ 2.11
Related vulnerabilities
Monstaftp v2.10.3 was discovered to contain an arbitrary file upload which allows attackers to execute arbitra...
Monstaftp v2.10.3 was discovered to allow attackers to execute Server-Side Request Forgery (SSRF).
Monsta FTP 2.10.1 or below is prone to a server-side request forgery vulnerability due to insufficient restric...
Monsta FTP 2.10.1 or below allows external control of paths used in filesystem operations. This allows attacke...
Monsta FTP 2.10.1 or below is prone to a stored cross-site scripting vulnerability in the language setting due...