Xlightftpd » Xlight Ftp Server : Security Vulnerabilities, CVEs, (Directory traversal)
Directory traversal vulnerability in the SFTP/SSH2 virtual server in Xlight FTP Server 3.5.0, 3.5.5, and possibly other versions before 3.6 allows remote authenticated users to read, overwrite, or delete arbitrary files via .. (dot dot) sequences in the (1) ls, (2) rm, (3) rename, and other unspecified commands.
Max CVSS
6.5
EPSS Score
0.41%
Published
2010-07-12
Updated
2018-10-10
1 vulnerabilities found