Unrated severityNVD Advisory· Published Mar 22, 2019· Updated Aug 4, 2024
CVE-2019-9649
CVE-2019-9649
Description
An issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674. Using the MDTM FTP command, a remote attacker can use a directory traversal technique (..\..\) to browse outside the root directory to determine the existence of a file on the operating system, and its last modified date.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: =2.0 Build 674
Patches
Vulnerability mechanics
References
6- www.exploit-db.com/exploits/46534mitreexploitx_refsource_EXPLOIT-DB
- packetstormsecurity.com/files/154205/CoreFTP-Server-MDTM-Directory-Traversal.htmlmitrex_refsource_MISC
- seclists.org/fulldisclosure/2019/Aug/22mitremailing-listx_refsource_FULLDISC
- www.coreftp.com/forums/viewtopic.phpmitrex_refsource_CONFIRM
- www.securityfocus.com/bid/107449mitrevdb-entryx_refsource_BID
- seclists.org/fulldisclosure/2019/Mar/25mitremailing-listx_refsource_FULLDISC
News mentions
0No linked articles in our index yet.