CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Jcraft: >> Jsch Security Vulnerabilities

CVE-2016-5725

Directory traversal vulnerability in JCraft JSch before 0.1.54 on Windows, when the mode is ChannelSftp.OVERWRITE, allows remote SFTP servers to write to arbitrary files via a ..\ (dot dot backslash) in a response to a recursive GET command.

CVSS Score

5.9

EPSS Score

0.209

Published

2017-01-19

Page 1

Vulnerabilities

Vulnerable Software

Jcraft: >> Jsch Security Vulnerabilities

Products

Pricing

Contact Us