AI Score
Confidence
High
EPSS
Percentile
49.9%
The download_selection_recursive() function in ftplist.c for IglooFTP 0.6.1 allows remote malicious FTP servers to overwrite arbitrary files via filenames that contain / (slash) characters.
tigger.uic.edu/~jlongs2/holes/iglooftp2.txt
exchange.xforce.ibmcloud.com/vulnerabilities/18561