VYPR
Vendor

Rumpus FTP Server

Products
2
CVEs
5
Across products
7
Status
Private

Products

2

Recent CVEs

5
  • CVE-2019-19659HigFeb 10, 2020
    risk 0.57cvss 8.8epss 0.00

    A CSRF vulnerability exists in the Web File Manager's Edit Accounts functionality of Rumpus FTP Server 8.2.9.1. By exploiting it, an attacker can take over a user account by changing the password, update users' details, and escalate privileges via RAPR/DefineUsersSet.html.

  • CVE-2019-19662MedFeb 10, 2020
    risk 0.42cvss 6.5epss 0.00

    A CSRF vulnerability exists in the Web File Manager's Create/Delete Accounts functionality of Rumpus FTP Server 8.2.9.1. By exploiting it, an attacker can Create and Delete accounts via RAPR/TriggerServerFunction.html.

  • CVE-2019-19660MedFeb 10, 2020
    risk 0.42cvss 6.5epss 0.00

    A CSRF vulnerability exists in the Web File Manager's Network Setting functionality of Rumpus FTP Server 8.2.9.1. By exploiting it, an attacker can manipulate the SMTP setting and other network settings via RAPR/NetworkSettingsSet.html.

  • CVE-2019-19670MedFeb 10, 2020
    risk 0.40cvss 6.1epss 0.01

    A HTTP Response Splitting vulnerability was identified in the Web Settings Component of Web File Manager in Rumpus FTP Server 8.2.9.1. A successful exploit can result in stored XSS, website defacement, etc. via ExtraHTTPHeader to RAPR/WebSettingsGeneralSet.html.

  • CVE-2019-19661MedFeb 10, 2020
    risk 0.40cvss 6.1epss 0.01

    A Cookie based reflected XSS exists in the Web File Manager of Rumpus FTP Server 8.2.9.1, related to RumpusLoginUserName and snp.