Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The EaseWeFtp.FtpLibrary ActiveX control in EaseWeFtp.ocx in Easewe FTP OCX 4.5.0.9 does not restrict access to certain methods, which allows remote attackers to execute arbitrary files via a pathname in the first argument to the (1) Execute or (2) Run method, (3) write to arbitrary files via a pathname in the argument to the CreateLocalFile method, (4) create arbitrary directories via a pathname in the argument to the CreateLocalFolder method, or (5) delete arbitrary files via a pathname in the argument to the DeleteLocalFile method.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Easewe FTP OCX 权限许可和访问控制漏洞
Vulnerability Description
Easewe FTP OCX是一个易于使用的FTP ActiveX组件,它支持所有标准FTP功能。 Easewe FTP OCX 4.5.0.9版本的EaseWeFtp.ocx文件中的EaseWeFtp.FtpLibrary ActiveX控件存在安全漏洞,该漏洞源于程序没有限制对特定方法的访问。远程攻击者可借助Execute或Run方法的‘first’参数中的路径名执行任意文件;借助CreateLocalFile方法的参数中的路径名利用该漏洞写入任意文件;借助CreateLocalFolder方法的参数
CVSS Information
N/A
Vulnerability Type
N/A