Vulnerability Details CVE-2014-1841
Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to copy an arbitrary user's home folder via a Move action with a .. (dot dot) in the src parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.102
EPSS Ranking 92.8%
CVSS Severity
CVSS v2 Score 5.0
References
- http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0092.html
- http://www.exploit-db.com/exploits/31579
- http://www.osvdb.org/103195
- http://www.securityfocus.com/bid/65462
- http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0092.html
- http://www.exploit-db.com/exploits/31579
- http://www.osvdb.org/103195
- http://www.securityfocus.com/bid/65462
Products affected by CVE-2014-1841
-
cpe:2.3:a:southrivertech:titan_ftp_server:1.0.17
-
cpe:2.3:a:southrivertech:titan_ftp_server:1.0.18
-
cpe:2.3:a:southrivertech:titan_ftp_server:1.0.19
-
cpe:2.3:a:southrivertech:titan_ftp_server:1.0.20
-
cpe:2.3:a:southrivertech:titan_ftp_server:1.0.21
-
cpe:2.3:a:southrivertech:titan_ftp_server:1.0.22
-
cpe:2.3:a:southrivertech:titan_ftp_server:1.0.23
-
cpe:2.3:a:southrivertech:titan_ftp_server:1.0.24
-
cpe:2.3:a:southrivertech:titan_ftp_server:1.0.25
-
cpe:2.3:a:southrivertech:titan_ftp_server:1.0.26
-
cpe:2.3:a:southrivertech:titan_ftp_server:1.0.27
-
cpe:2.3:a:southrivertech:titan_ftp_server:1.0.28
-
cpe:2.3:a:southrivertech:titan_ftp_server:1.0.29
-
cpe:2.3:a:southrivertech:titan_ftp_server:1.0.30
-
cpe:2.3:a:southrivertech:titan_ftp_server:1.0.31
-
cpe:2.3:a:southrivertech:titan_ftp_server:1.1.33
-
cpe:2.3:a:southrivertech:titan_ftp_server:1.11.34
-
cpe:2.3:a:southrivertech:titan_ftp_server:10.0.1733
-
cpe:2.3:a:southrivertech:titan_ftp_server:10.01.1740
-
cpe:2.3:a:southrivertech:titan_ftp_server:10.30
-
cpe:2.3:a:southrivertech:titan_ftp_server:10.40
-
cpe:2.3:a:southrivertech:titan_ftp_server:2.0.44
-
cpe:2.3:a:southrivertech:titan_ftp_server:2.00.95
-
cpe:2.3:a:southrivertech:titan_ftp_server:2.01.96
-
cpe:2.3:a:southrivertech:titan_ftp_server:2.02.99
-
cpe:2.3:a:southrivertech:titan_ftp_server:2.10.119
-
cpe:2.3:a:southrivertech:titan_ftp_server:2.10.120
-
cpe:2.3:a:southrivertech:titan_ftp_server:2.10.121
-
cpe:2.3:a:southrivertech:titan_ftp_server:2.11.132
-
cpe:2.3:a:southrivertech:titan_ftp_server:2.20.140
-
cpe:2.3:a:southrivertech:titan_ftp_server:2.21.142
-
cpe:2.3:a:southrivertech:titan_ftp_server:2.30.151
-
cpe:2.3:a:southrivertech:titan_ftp_server:2.31.152
-
cpe:2.3:a:southrivertech:titan_ftp_server:2.40.155
-
cpe:2.3:a:southrivertech:titan_ftp_server:3.00.162
-
cpe:2.3:a:southrivertech:titan_ftp_server:3.01.163
-
cpe:2.3:a:southrivertech:titan_ftp_server:3.02.165
-
cpe:2.3:a:southrivertech:titan_ftp_server:3.10.169
-
cpe:2.3:a:southrivertech:titan_ftp_server:3.12.172
-
cpe:2.3:a:southrivertech:titan_ftp_server:3.20.175
-
cpe:2.3:a:southrivertech:titan_ftp_server:3.21.177
-
cpe:2.3:a:southrivertech:titan_ftp_server:3.22.178
-
cpe:2.3:a:southrivertech:titan_ftp_server:3.30.186
-
cpe:2.3:a:southrivertech:titan_ftp_server:4.00.245
-
cpe:2.3:a:southrivertech:titan_ftp_server:4.01.246
-
cpe:2.3:a:southrivertech:titan_ftp_server:4.02.248
-
cpe:2.3:a:southrivertech:titan_ftp_server:4.03.249
-
cpe:2.3:a:southrivertech:titan_ftp_server:4.05.252
-
cpe:2.3:a:southrivertech:titan_ftp_server:4.10.256
-
cpe:2.3:a:southrivertech:titan_ftp_server:4.11.257
-
cpe:2.3:a:southrivertech:titan_ftp_server:4.13.260
-
cpe:2.3:a:southrivertech:titan_ftp_server:4.14.261
-
cpe:2.3:a:southrivertech:titan_ftp_server:4.20.263
-
cpe:2.3:a:southrivertech:titan_ftp_server:4.21.264
-
cpe:2.3:a:southrivertech:titan_ftp_server:4.22.265
-
cpe:2.3:a:southrivertech:titan_ftp_server:4.23.266
-
cpe:2.3:a:southrivertech:titan_ftp_server:4.30.269
-
cpe:2.3:a:southrivertech:titan_ftp_server:4.31.272
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.00.303
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.01.306
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.02.307
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.03.308
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.03.309
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.03.310
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.04.311
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.04.312
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.04.313
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.04.314
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.04.315
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.05.316
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.05.317
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.05.318
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.05.319
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.05.320
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.05.321
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.05.322
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.05.323
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.05.324
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.05.325
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.05.326
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.05.327
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.10.328
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.10.329
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.11.330
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.11.331
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.12.332
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.12.333
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.12.334
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.12.335
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.12.336
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.20.342
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.21.347
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.22.350
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.23.351
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.24.352
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.25.356
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.26.361
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.27.362
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.30.367
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.31.373
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.32.376
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.33.380
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.33.381
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.35.385
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.36.386
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.37.387
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.38.388
-
cpe:2.3:a:southrivertech:titan_ftp_server:5.39.389
-
cpe:2.3:a:southrivertech:titan_ftp_server:6.00.492
-
cpe:2.3:a:southrivertech:titan_ftp_server:6.01.512
-
cpe:2.3:a:southrivertech:titan_ftp_server:6.03.537
-
cpe:2.3:a:southrivertech:titan_ftp_server:6.04.545
-
cpe:2.3:a:southrivertech:titan_ftp_server:6.05.550
-
cpe:2.3:a:southrivertech:titan_ftp_server:6.06.555
-
cpe:2.3:a:southrivertech:titan_ftp_server:6.10.560
-
cpe:2.3:a:southrivertech:titan_ftp_server:6.20.587
-
cpe:2.3:a:southrivertech:titan_ftp_server:6.21.596
-
cpe:2.3:a:southrivertech:titan_ftp_server:6.23.616
-
cpe:2.3:a:southrivertech:titan_ftp_server:6.24.621
-
cpe:2.3:a:southrivertech:titan_ftp_server:6.25.622
-
cpe:2.3:a:southrivertech:titan_ftp_server:6.26.630
-
cpe:2.3:a:southrivertech:titan_ftp_server:7.00
-
cpe:2.3:a:southrivertech:titan_ftp_server:7.01
-
cpe:2.3:a:southrivertech:titan_ftp_server:7.02
-
cpe:2.3:a:southrivertech:titan_ftp_server:7.10
-
cpe:2.3:a:southrivertech:titan_ftp_server:7.12
-
cpe:2.3:a:southrivertech:titan_ftp_server:8.00
-
cpe:2.3:a:southrivertech:titan_ftp_server:8.01
-
cpe:2.3:a:southrivertech:titan_ftp_server:8.10
-
cpe:2.3:a:southrivertech:titan_ftp_server:8.10.1125