Critical severity9.8NVD Advisory· Published Jul 1, 2020· Updated Jun 17, 2026
CVE-2020-14056
CVE-2020-14056
Description
Monsta FTP 2.10.1 or below is prone to a server-side request forgery vulnerability due to insufficient restriction of the web fetch functionality. This allows attackers to read arbitrary local files and interact with arbitrary third-party services.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Monsta FTP/Monsta FTPdescription
- Range: <=2.10.1
Patches
Vulnerability mechanics
References
2- github.com/sbaresearch/advisories/tree/public/2019/SBA-ADV-20191203-02_Monsta_FTP_Server-Side_Request_ForgerynvdThird Party Advisory
- www.monstaftp.com/notes/nvdRelease NotesVendor Advisory
News mentions
0No linked articles in our index yet.