CVSS: 9.3EPSS: 0%CPEs: 16EXPL: 0CVE-2010-4154
https://notcve.org/view.php?id=CVE-2010-4154
Directory traversal vulnerability in Rhino Software, Inc. FTP Voyager 15.2.0.11, and possibly earlier, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename. Vulnerabilidad de salto de directorio en Rhino Software, Inc. FTP Voyager v15.2.0.11 y posiblemente versiones previas, permite a servidores FTP remotos crear archivos de su elección a través de la secuencia "..\" en el nombre de archivo. • http://marc.info/?l=bugtraq&m=128654931101920&w=2 http://packetstormsecurity.org/1010-exploits/ftpvoyager-traversal.txt http://secunia.com/advisories/41719 http://www.htbridge.ch/advisory/directory_traversal_vulnerability_in_ftp_voyager.html http://www.osvdb.org/68607 http://www.securityfocus.com/bid/43869 https://exchange.xforce.ibmcloud.com/vulnerabilities/62392 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 2CVE-2007-1079 – FTP Voyager 14.0.0.3 - 'CWD' Remote Stack Overflow (PoC)
https://notcve.org/view.php?id=CVE-2007-1079
Stack-based buffer overflow in Rhino Software, Inc. FTP Voyager 14.0.0.3 and earlier allows remote servers to cause a denial of service (crash) via a long response to a CWD command, which triggers the overflow when the user aborts the command. Desbordamiento de búfer en Rhino Software, Inc. FTP Voyager 14.0.0.3 y anteriores permite a servidores remotos provocar denegación de servicio (caida) a través de una respuesta a un comando CWD, lo cual dispara el desbordamiento de flujo cuando el usuario aborta el comando. • https://www.exploit-db.com/exploits/3343 http://osvdb.org/33746 http://www.securityfocus.com/bid/22637 https://exchange.xforce.ibmcloud.com/vulnerabilities/32593 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2001-1103
https://notcve.org/view.php?id=CVE-2001-1103
FTP Voyager ActiveX control before 8.0, when it is marked as safe for scripting (the default) or if allowed by the IObjectSafety interface, allows remote attackers to execute arbitrary commands. • http://www.kb.cert.org/vuls/id/320944 https://exchange.xforce.ibmcloud.com/vulnerabilities/7119 •