Lucene search

[email protected]CVE-2020-26299

HistoryFeb 10, 2021 - 6:15 p.m.

CVE-2020-26299

2021-02-1018:15:12

CWE-22

[email protected]

web.nvd.nist.gov

cve-2020-26299

ftp-srv

ftp server

path traversal

vulnerability

security issue

5.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:P/A:N

9.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N

9.1 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

71.4%

JSON

ftp-srv is an open-source FTP server designed to be simple yet configurable. In ftp-srv before version 4.4.0 there is a path-traversal vulnerability. Clients of FTP servers utilizing ftp-srv hosted on Windows machines can escape the FTP user’s defined root folder using the expected FTP commands, for example, CWD and UPDR. When windows separators exist within the path (\), path.resolve leaves the upper pointers intact and allows the user to move beyond the root folder defined for that user. We did not take that into account when creating the path resolve function. The issue is patched in version 4.4.0 (commit 457b859450a37cba10ff3c431eb4aa67771122e3).

Affected configurations

Vulners

NVD

Node

autovanceftp_srvRange<4.4.0

CPENameOperatorVersion
ftp-srv_project:ftp-srvftp-srv project ftp-srvlt4.4.0

CPE	Name	Operator	Version
ftp-srv_project:ftp-srv	ftp-srv project ftp-srv	lt	4.4.0

CNA Affected

[
  {
    "product": "ftp-srv",
    "vendor": "autovance",
    "versions": [
      {
        "status": "affected",
        "version": "< 4.4.0"
      }
    ]
  }
]