Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. A remote attacker may trick a user to use reverse mirroring on an attacker controlled FTP server, resulting in the removal of all files in the current working directory of the victim's system.
CVSS Information
N/A
Vulnerability Type
输入验证不恰当
Vulnerability Title
LFTP 安全漏洞
Vulnerability Description
LFTP是软件开发者Alexander V. Lukyanov所研发的一款基于命令行的FTP/HTTP客户端,它提供命令补全、断点续传、多个后台任务执行等功能。 LFTP 4.8.3及之前版本中存在安全漏洞,该漏洞源于程序没有正确的过滤远程文件名。远程攻击者可利用该漏洞移除用户系统的当前工作目录中的全部文件。
CVSS Information
N/A
Vulnerability Type
N/A