CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 1CVE-2023-45690 – Information leak via default file permissions on Titan MFT and Titan SFTP servers
https://notcve.org/view.php?id=CVE-2023-45690
16 Oct 2023 — Default file permissions on South River Technologies' Titan MFT and Titan SFTP servers on Linux allows a user that's authentication to the OS to read sensitive files on the filesystem Los permisos de archivos predeterminados en los servidores Titan MFT y Titan SFTP de South River Technologies en Linux permiten que un usuario que se autentica en el sistema operativo lea archivos confidenciales en el sistema de archivos. • https://helpdesk.southrivertech.com/portal/en/kb/articles/security-patch-for-issues-cve-2023-45685-through-cve-2023-45690 • CWE-276: Incorrect Default Permissions •
CVSS: 6.4EPSS: 1%CPEs: 1EXPL: 1CVE-2022-44215
https://notcve.org/view.php?id=CVE-2022-44215
22 Aug 2023 — There is an open redirect vulnerability in Titan FTP server 19.0 and below. Users are redirected to any target URL. Hay una vulnerabilidad de redirección abierta en las versiones 19.0 e inferiores del servidor Titan FTP. Los usuarios son redirigidos a cualquier URL de destino. • https://github.com/JBalanza/CVE-2022-44215 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 9.0EPSS: 13%CPEs: 1EXPL: 3CVE-2023-22629 – TitanFTP 2.0.1.2102 - Path traversal to Remote Code Execution (RCE)
https://notcve.org/view.php?id=CVE-2023-22629
14 Feb 2023 — An issue was discovered in TitanFTP through 1.94.1205. The move-file function has a path traversal vulnerability in the newPath parameter. An authenticated attacker can upload any file and then move it anywhere on the server's filesystem. Titan FTP server versions prior to 2.0.1.2102 suffer from a path traversal vulnerability. • https://packetstorm.news/files/id/171737 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 10%CPEs: 4EXPL: 3CVE-2014-1841 – Titan FTP Server 10.32 Build 1816 - Directory Traversal
https://notcve.org/view.php?id=CVE-2014-1841
11 Feb 2014 — Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to copy an arbitrary user's home folder via a Move action with a .. (dot dot) in the src parameter. Vulnerabilidad de salto de directorio en la interfaz web en Titan FTP Server anterior a 10.40 build 1829 permite a atacantes remotos copiar una carpeta home de usuario arbitraria a través de una acción Move con un .. (punto punto) en el parámetro src. Titan FTP server version 10.32 Build ... • https://packetstorm.news/files/id/125150 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.3EPSS: 16%CPEs: 4EXPL: 3CVE-2014-1842 – Titan FTP Server 10.32 Build 1816 - Directory Traversal
https://notcve.org/view.php?id=CVE-2014-1842
11 Feb 2014 — Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to list all usernames via a Go action with a .. (dot dot) in the search-bar value. Vulnerabilidad de salto de directorio en la interfaz web en Titan FTP Server anterior a 10.40 build 1829 permite a atacantes remotos listar todos los nombres de usuarios a través de una acción Go con un .. (punto punto) en el valor de barra de búsqueda. Titan FTP server version 10.32 Build 1816 suffers fr... • https://packetstorm.news/files/id/125150 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.3EPSS: 10%CPEs: 4EXPL: 3CVE-2014-1843 – Titan FTP Server 10.32 Build 1816 - Directory Traversal
https://notcve.org/view.php?id=CVE-2014-1843
11 Feb 2014 — Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to obtain the property information of an arbitrary home folder via a Properties action with a .. (dot dot) in the src parameter. Vulnerabilidad de salto de directorio en la interfaz web en Titan FTP Server anterior a 10.40 build 1829 permite a atacantes remotos obtener la información de propiedad de una carpeta home arbitraria a través de una acción Properties con un .. (punto punto) en... • https://packetstorm.news/files/id/125150 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 8.1EPSS: 0%CPEs: 126EXPL: 0CVE-2010-2425
https://notcve.org/view.php?id=CVE-2010-2425
23 Jun 2010 — Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read or delete arbitrary files via "..//" sequences in a COMB command. Vulnerabilidad de salto de directorio en TitanFTPd en South River Technologies Titan FTP Server v8.10.1125, y probablemente versiones anteriores, permite a usuarios autentificados remotamente leer ficheroso borrar ficheros de su elección a través de la secuencia "..//" ... • http://secunia.com/advisories/40237 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.5EPSS: 36%CPEs: 126EXPL: 2CVE-2010-2426 – Titan FTP XCRC Directory Traversal Information Disclosure
https://notcve.org/view.php?id=CVE-2010-2426
23 Jun 2010 — Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read arbitrary files, determine file size, via "..//" sequences in the xcrc command. Vulnerabilidad de salto de directorio en TitanFTPd en South River Technologies Titan FTP Server v8.10.1125, y probablemente versiones anteriores, permite a usuarios autentificados remotamente leer ficheros de su elección, tamaño de fichero determinado, a t... • https://packetstorm.news/files/id/181003 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 60%CPEs: 1EXPL: 3CVE-2008-6082 – Titan FTP Server 6.26 build 630 - Remote Denial of Service
https://notcve.org/view.php?id=CVE-2008-6082
06 Feb 2009 — Titan FTP Server 6.26 build 630 allows remote attackers to cause a denial of service (CPU consumption) via the SITE WHO command. Titan FTP Server v6.26 build 630 permite a atacantes remotos provocar una denegación de servicio (consumo de CPU) a través del comando "SITE WHO". The Titan FTP server v6.26 build 630 can be DoSd by issuing "SITE WHO". You need a valid login so you can send this command. • https://packetstorm.news/files/id/180578 • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 5%CPEs: 1EXPL: 2CVE-2008-5281 – Titan FTP Server 6.05 build 550 - 'DELE' Remote Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2008-5281
29 Nov 2008 — Heap-based buffer overflow in Titan FTP Server 6.05 build 550 allows remote attackers to execute arbitrary code via a long DELE command. Desbordamiento de búfer basado en montículo en el servidor FTP Titan v6.05 build 550 permite a atacantes remotos ejecutar código de su elección a través de un comando "DELE" largo. • https://www.exploit-db.com/exploits/31105 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •