Directory Traversal Vulnerability in Core FTP 2.0 Build 674

Directory Traversal Vulnerability in Core FTP 2.0 Build 674

CVE-2019-9649 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

An issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674. Using the MDTM FTP command, a remote attacker can use a directory traversal technique (..\..\) to browse outside the root directory to determine the existence of a file on the operating system, and its last modified date.

Learn more about our Cis Benchmark Audit For Server Software.