Vulnerability Details CVE-2020-11707
An issue was discovered in ProVide (formerly zFTPServer) through 13.1. It doesn't enforce permission over Windows Symlinks or Junctions. As a result, a low-privileged user (non-admin) can craft a Junction Link in a directory he has full control of, breaking out of the sandbox.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 57.4%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.5
References
- https://github.com/belong2yourself/vulnerabilities/tree/master/ProVide/Sandbox%20Escape%20via%20Symlink%20or%20Junction
- https://www.provideserver.com/security/
- https://github.com/belong2yourself/vulnerabilities/tree/master/ProVide/Sandbox%20Escape%20via%20Symlink%20or%20Junction
- https://www.provideserver.com/security/
Products affected by CVE-2020-11707
-
cpe:2.3:a:provideserver:provide_ftp_server:-
-
cpe:2.3:a:provideserver:provide_ftp_server:13.1