VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Dec 19, 2008· Updated Apr 23, 2026

CVE-2008-5692

CVE-2008-5692

Description

Ipswitch WS_FTP Server Manager before 6.1.1, and possibly other Ipswitch products, allows remote attackers to bypass authentication and read logs via a logLogout action to FTPLogServer/login.asp followed by a request to FTPLogServer/LogViewer.asp with the localhostnull account name.

Affected products

22
  • Ipswitch, Inc./Ws Ftp22 versions
    cpe:2.3:a:ipswitch:ws_ftp:*:*:*:*:*:*:*:*+ 21 more
    • cpe:2.3:a:ipswitch:ws_ftp:*:*:*:*:*:*:*:*range: <=6.1
    • cpe:2.3:a:ipswitch:ws_ftp:1.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ipswitch:ws_ftp:2.01:*:*:*:*:*:*:*
    • cpe:2.3:a:ipswitch:ws_ftp:2.02:*:*:*:*:*:*:*
    • cpe:2.3:a:ipswitch:ws_ftp:2.03:*:*:*:*:*:*:*
    • cpe:2.3:a:ipswitch:ws_ftp:3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ipswitch:ws_ftp:3.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ipswitch:ws_ftp:3.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ipswitch:ws_ftp:3.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ipswitch:ws_ftp:3.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ipswitch:ws_ftp:3.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ipswitch:ws_ftp:3.14:*:*:*:*:*:*:*
    • cpe:2.3:a:ipswitch:ws_ftp:4.00:*:*:*:*:*:*:*
    • cpe:2.3:a:ipswitch:ws_ftp:4.01:*:*:*:*:*:*:*
    • cpe:2.3:a:ipswitch:ws_ftp:4.02:*:*:*:*:*:*:*
    • cpe:2.3:a:ipswitch:ws_ftp:5.00:*:*:*:*:*:*:*
    • cpe:2.3:a:ipswitch:ws_ftp:5.01:*:*:*:*:*:*:*
    • cpe:2.3:a:ipswitch:ws_ftp:5.02:*:*:*:*:*:*:*
    • cpe:2.3:a:ipswitch:ws_ftp:5.03:*:*:*:*:*:*:*
    • cpe:2.3:a:ipswitch:ws_ftp:5.04:*:*:*:*:*:*:*
    • cpe:2.3:a:ipswitch:ws_ftp:5.05:*:*:*:*:*:*:*
    • cpe:2.3:a:ipswitch:ws_ftp:6.0:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

8

News mentions

0

No linked articles in our index yet.