Cerberusftp » Ftp Server : Security Vulnerabilities, CVEs, CVSS score >= 7

CVE-2020-5196

Cerberus FTP Server Enterprise Edition prior to versions 11.0.3 and 10.0.18 allows an authenticated attacker to create files, display hidden files, list directories, and list files without the permission to zip and download (or unzip and upload) files. There are multiple ways to bypass certain permissions by utilizing the zip and unzip features. As a result, users without permission can see files, folders, and hidden files, and can create directories without permission.
Max CVSS
8.1
EPSS Score
0.18%
Published
2020-01-14
Updated
2020-01-17

CVE-2017-6367

In Cerberus FTP Server 8.0.10.1, a crafted HTTP request causes the Windows service to crash. The attack methodology involves a long Host header and an invalid Content-Length header.
Max CVSS
7.5
EPSS Score
0.73%
Published
2017-03-14
Updated
2017-03-17
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close