CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2001-1386

WFTPD 3.00 allows remote attackers to read arbitrary files by uploading a (link) file that ends in a ".lnk." extension, which bypasses WFTPD's check for a ".lnk" extension.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 71.7%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

http://www.securityfocus.com/archive/1/194442
http://www.securityfocus.com/bid/2957
https://exchange.xforce.ibmcloud.com/vulnerabilities/6760
http://www.securityfocus.com/archive/1/194442
http://www.securityfocus.com/bid/2957
https://exchange.xforce.ibmcloud.com/vulnerabilities/6760

Products affected by CVE-2001-1386

Texasimperialsoftware » Wftpd » Version: 3.00

cpe:2.3:a:texasimperialsoftware:wftpd:3.00

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2001-1386

Products

Pricing

Contact Us