Directory Traversal Vulnerability in Core FTP 2.0 Build 674
CVE-2019-9648 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
An issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674. A directory traversal vulnerability exists using the SIZE command along with a \..\..\ substring, allowing an attacker to enumerate file existence based on the returned information.
Learn more about our Cis Benchmark Audit For Server Software.