Jcraft : Security vulnerabilities, CVEs directory traversal published in 2017

CVE-2016-5725

Public exploit

Directory traversal vulnerability in JCraft JSch before 0.1.54 on Windows, when the mode is ChannelSftp.OVERWRITE, allows remote SFTP servers to write to arbitrary files via a ..\ (dot dot backslash) in a response to a recursive GET command.

Max CVSS

5.9

EPSS Score

1.00%

Published

2017-01-19

Updated

2021-06-14

1 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!

Accept Close

Jcraft : Security Vulnerabilities, CVEs, Published In 2017 (Directory traversal)

CVE-2016-5725