Unrated severityNVD Advisory· Published Jun 3, 2008· Updated Apr 23, 2026

CVE-2008-2519

Description

Directory traversal vulnerability in Core FTP client 2.1 Build 1565 allows remote FTP servers to create or overwrite arbitrary files via .. (dot dot) sequences in responses to LIST commands, a related issue to CVE-2002-1345. NOTE: this can be leveraged for code execution by writing to a Startup folder.

Affected products

Coreftp/Coreftp2 versions
cpe:2.3:a:core_ftp:core_ftp:2.1:build_1565:le:*:*:*:*:*+ 1 more
- cpe:2.3:a:core_ftp:core_ftp:2.1:build_1565:le:*:*:*:*:*
- cpe:2.3:a:core_ftp:core_ftp:2.1:build_1565:pro:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.coreftp.com/forums/viewtopic.phpnvdPatch
vuln.sg/coreftp211565-en.htmlnvdExploit
secunia.com/advisories/30389nvdVendor Advisory
www.securityfocus.com/bid/29362nvd
www.vupen.com/english/advisories/2008/1643/referencesnvd
exchange.xforce.ibmcloud.com/vulnerabilities/42605nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000