VYPR
Unrated severityNVD Advisory· Published Sep 12, 2007· Updated Jun 16, 2026

CVE-2007-4843

CVE-2007-4843

Description

Directory traversal vulnerability in X-Diesel Unreal Commander 0.92 build 565 and 573 allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a filename. NOTE: this can be leveraged for code execution by writing to a Startup folder.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • cpe:2.3:a:x-diesel:unreal_commander:0.92_build565:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:x-diesel:unreal_commander:0.92_build565:*:*:*:*:*:*:*
    • cpe:2.3:a:x-diesel:unreal_commander:0.92_build573:*:*:*:*:*:*:*
    • (no CPE)range: 0.92 build 565, 0.92 build 573

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.