Home / os / winmobile

CoreFTP Server MDTM Directory Traversal

Posted on 26 August 2019

An issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674. Using the MDTM FTP command, a remote attacker can use a directory traversal (....) to browse outside the root directory to determine the existence of a file on the operating system, and the last modified date.

 

TOP

Malware :

Exploits :