RSS   Vulnerabilities for 'Ftp server'   RSS

2022-06-24
 
CVE-2021-41634

CWE-203
 

 
A user enumeration vulnerability in MELAG FTP Server 2.2.0.4 allows an attacker to identify valid FTP usernames.

 
 
CVE-2021-41637

CWE-276
 

 
Weak access control permissions in MELAG FTP Server 2.2.0.4 allow the "Everyone" group to read the local FTP configuration file, which includes among other information the unencrypted passwords of all FTP users.

 
 
CVE-2021-41638

CWE-287
 

 
The authentication checks of the MELAG FTP Server in version 2.2.0.4 are incomplete, which allows a remote attacker to access local files only by using a valid username.

 
 
CVE-2021-41639

CWE-312
 

 
MELAG FTP Server 2.2.0.4 stores unencrpyted passwords of FTP users in a local configuration file.

 


Copyright 2024, cxsecurity.com

 

Back to Top