漏洞标题
WS_FTP 服务器目录传输
漏洞描述信息
WS_FTP服务器目录遍历
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
漏洞类别
对路径名的限制不恰当(路径遍历)
漏洞标题
WS_FTP Server Directory Traversal
漏洞描述信息
In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a directory traversal vulnerability was discovered. An attacker could leverage this vulnerability to perform file operations (delete, rename, rmdir, mkdir) on files and folders outside of their authorized WS_FTP folder path. Attackers could also escape the context of the WS_FTP Server file structure and perform the same level of operations (delete, rename, rmdir, mkdir) on file and folder locations on the underlying operating system.
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
漏洞类别
对路径名的限制不恰当(路径遍历)
漏洞标题
WS_FTP Server 路径遍历漏洞
漏洞描述信息
Progress Software WS_FTP Server是美国Progress Software公司的一个有效的、高度可管理的 FTP 服务器。 WS_FTP Server 8.7.4之前版本、8.8.2版本存在安全漏洞。攻击者利用该漏洞可以读取运行应用程序的服务器上的任意文件。
CVSS信息
N/A
漏洞类别
路径遍历