Vulnerability Details CVE-2020-8635
Wing FTP Server v6.2.3 for Linux, macOS, and Solaris sets insecure permissions on installation directories and configuration files. This allows local users to arbitrarily create FTP users with full privileges, and escalate privileges within the operating system by modifying system files.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.036
EPSS Ranking 87.4%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 7.2
References
Products affected by CVE-2020-8635
-
cpe:2.3:a:wftpserver:wing_ftp_server:6.2.3