High severity7.5NVD Advisory· Published Jul 1, 2001· Updated Jun 16, 2026
CVE-2001-1386
CVE-2001-1386
Description
WFTPD 3.00 allows remote attackers to read arbitrary files by uploading a (link) file that ends in a ".lnk." extension, which bypasses WFTPD's check for a ".lnk" extension.
Affected products
2cpe:2.3:a:texasimperialsoftware:wftpd:3.00:r5:*:*:pro:*:*:*+ 1 more
- cpe:2.3:a:texasimperialsoftware:wftpd:3.00:r5:*:*:pro:*:*:*
- (no CPE)range: =3.00
Patches
Vulnerability mechanics
References
3- www.securityfocus.com/bid/2957nvdBroken LinkExploitPatchThird Party AdvisoryVDB EntryVendor Advisory
- www.securityfocus.com/archive/1/194442nvdBroken LinkThird Party AdvisoryVDB Entry
- exchange.xforce.ibmcloud.com/vulnerabilities/6760nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.