Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
ColoradoFTP Server <= 1.3 Build 8 Path Traversal Information Disclosure
Vulnerability Description
A directory traversal vulnerability exists in ColoradoFTP Server ≤ 1.3 Build 8 for Windows, allowing unauthenticated attackers to read or write arbitrary files outside the configured FTP root directory. The flaw is due to insufficient sanitation of user-supplied file paths in the FTP GET and PUT command handlers. Exploitation is possible by submitting traversal sequences during FTP operations, enabling access to system-sensitive files. This issue affects only the Windows version of ColoradoFTP.
CVSS Information
N/A
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
ColoradoFTP Server 安全漏洞
Vulnerability Description
ColoradoFTP Server是Colorado开源的一个Java FTP服务器软件。 ColoradoFTP Server 1.3 Build 8版本存在安全漏洞,该漏洞源于FTP GET和PUT命令路径清理不当,可能导致目录遍历。
CVSS Information
N/A
Vulnerability Type
N/A