Arbitrary File Loading Vulnerability in Titan FTP Server 2019 Build 3505

Arbitrary File Loading Vulnerability in Titan FTP Server 2019 Build 3505

CVE-2019-10009 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

A Directory Traversal issue was discovered in the Web GUI in Titan FTP Server 2019 Build 3505. When an authenticated user attempts to preview an uploaded file (through PreviewHandler.ashx) by using a \..\..\ technique, arbitrary files can be loaded in the server response outside the root directory.

Learn more about our Web App Pen Testing.