Vulnerability Details CVE-2009-4194
Directory traversal vulnerability in Golden FTP Server 4.30 Free and Professional, 4.50, and possibly other versions allows remote authenticated users to delete arbitrary files via a .. (dot dot) in the DELE command. NOTE: some of these details are obtained from third party information.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.018
EPSS Ranking 82.0%
CVSS Severity
CVSS v3 Score 8.1
CVSS v2 Score 6.0
References
- http://blog.sat0ri.com/?p=292
- http://secunia.com/advisories/37527
- http://www.exploit-db.com/exploits/10258
- https://exchange.xforce.ibmcloud.com/vulnerabilities/54497
- http://blog.sat0ri.com/?p=292
- http://secunia.com/advisories/37527
- http://www.exploit-db.com/exploits/10258
- https://exchange.xforce.ibmcloud.com/vulnerabilities/54497
Products affected by CVE-2009-4194
-
cpe:2.3:a:kmint21:golden_ftp_server:4.30
-
cpe:2.3:a:kmint21:golden_ftp_server:4.50