Unrated severityNVD Advisory· Published Jun 19, 2008· Updated Apr 23, 2026

CVE-2008-2779

Description

Directory traversal vulnerability in GlobalSCAPE CuteFTP Home 8.2.0 Build 02.26.2008.4 and CuteFTP Pro 8.2.0 Build 04.01.2008.1 allows remote FTP servers to create or overwrite arbitrary files via ..\ (dot dot backslash) sequences in responses to LIST commands, a related issue to CVE-2002-1345. NOTE: this can be leveraged for code execution by writing to a Startup folder.

Affected products

Globalscape/Cuteftp2 versions
cpe:2.3:a:globalscape:cuteftp:8.2.0:*:home:*:*:*:*:*+ 1 more
- cpe:2.3:a:globalscape:cuteftp:8.2.0:*:home:*:*:*:*:*
- cpe:2.3:a:globalscape:cuteftp:8.2.0:*:pro:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

vuln.sg/cuteftp820-en.htmlnvdExploit
secunia.com/advisories/29760nvdVendor Advisory
www.securitytracker.com/idnvd
www.vupen.com/english/advisories/2008/1653/referencesnvd
exchange.xforce.ibmcloud.com/vulnerabilities/42633nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000