CVE-2018-20684
SCP Server Verification Issues
Public Exploits: 0
Exploited in Wild: -
Descriptions
In WinSCP before 5.14 beta, due to missing validation, the scp implementation would accept arbitrary files sent by the server, potentially overwriting unrelated files. This affects TSCPFileSystem::SCPSink in core/ScpFileSystem.cpp.
Many scp clients fail to verify whether the objects returned by the scp server match those they asked for. This issue dates back to 1983 and rcp, on which scp is based. A separate flaw in the client allows the target directory attributes to be changed arbitrarily. Finally, two vulnerabilities in clients may allow the server to spoof the client output.
Timeline
- 2019-01-10 CVE Reserved
- 2019-01-10 CVE Published
- 2024-08-05 CVE Updated
- 2025-03-30 EPSS Updated
CWE
- CWE-20: Improper Input Validation
References (6)
URL | Tag | Source |
---|---|---|
http://www.securityfocus.com/bid/106526 | Third Party Advisory | |
https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt | Mitigation | |
https://www.oracle.com/security-alerts/cpujan2020.html | X_refsource_misc | |

URL | Date | SRC |
---|---|---|
https://github.com/winscp/winscp/commit/49d876f2c5fc00bcedaa986a7cf6dedd6bf16f54 | 2020-01-15 | |
https://winscp.net/tracker/1675 | 2020-01-15 | |
https://winscp.net/eng/docs/history | 2020-01-15 | |