Unrated severityNVD Advisory· Published Apr 29, 2019· Updated Aug 4, 2024

CVE-2019-5429

Description

Untrusted search path in FileZilla before 3.41.0-rc1 allows an attacker to gain privileges via a malicious 'fzsftp' binary in the user's home directory.

Affected products

Filezilla/Filezillav5
Range: 3.41.0-rc1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R7WUJWTJA55ILACKLTJFSQUYEBHVYENL/mitrevendor-advisoryx_refsource_FEDORA
security.gentoo.org/glsa/202007-51mitrevendor-advisoryx_refsource_GENTOO
lists.debian.org/debian-lts-announce/2022/05/msg00037.htmlmitremailing-listx_refsource_MLIST
svn.filezilla-project.org/filezillamitrex_refsource_MISC
www.tenable.com/security/research/tra-2019-14mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000