RSS   Vulnerabilities for 'Ftp-srv'   RSS

2020-08-17
 
CVE-2020-15152

CWE-918
 

 
ftp-srv versions 1.0.0 through 4.3.3 are vulnerable to Server-Side Request Forgery. The PORT command allows arbitrary IPs which can be used to cause the server to make a connection elsewhere. A possible workaround is blocking the PORT through the configuration. This issue is fixed in version 4.3.4. More information can be found on the linked advisory.

 


Copyright 2024, cxsecurity.com

 

Back to Top