CVE-2019-9648
Core FTP Server FTP / SFTP Server v2 Build 674 - 'SIZE' Directory Traversal
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits: 2
Exploited in Wild: -
Decision
Descriptions
An issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674. A directory traversal vulnerability exists using the SIZE command along with a \..\..\ substring, allowing an attacker to enumerate file existence based on the returned information.
CoreFTP Server FTP and SFTP Server version 2 build 674 suffers from a directory traversal vulnerability. By combining a directory traversal with the FTP SIZE command, an attacker can browse outside the root directory and determine whether a file exists, based on the returned file size, by using a ..\..\ technique.
CVSS Scores
SSVC
- Decision: -
Timeline
- 2019-03-10 CVE Reserved
- 2019-03-11 CVE Published
- 2024-08-04 CVE Updated
- 2024-08-04 First Exploit
- 2024-08-12 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CAPEC
References (6)
URL | Tag | Source |
---|---|---|
http://packetstormsecurity.com/files/154204/CoreFTP-Server-SIZE-Directory-Traversal.html | X_refsource_misc | |
http://seclists.org/fulldisclosure/2019/Aug/21 | Mailing List | |
http://www.securityfocus.com/bid/107446 | Third Party Advisory | |
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/46535 | 2024-08-04 | |
https://seclists.org/fulldisclosure/2019/Mar/23 | 2024-08-04 | |
URL | Date | SRC |
---|---|---|
http://www.coreftp.com/forums/viewtopic.php?f=15&t=4022509 | 2019-08-26 | |