Directory Traversal Vulnerability in Progress ipswitch WS_FTP Server 2018 before 8.6.1

Directory Traversal Vulnerability in Progress ipswitch WS_FTP Server 2018 before 8.6.1

CVE-2019-12146 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:P/A:N

A Directory Traversal issue was discovered in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 before 8.6.1. Attackers have the ability to abuse a flaw in the SCP listener by crafting strings using specific patterns to write files and create directories outside of their authorized directory.

Learn more about our Cis Benchmark Audit For Server Software.