CVE-2020-14057

2020-07-0116:13:42

mitre

www.cve.org

9.8 High

AI Score

Confidence

High

0.022 Low

EPSS

Percentile

89.6%

JSON

Monsta FTP 2.10.1 or below allows external control of paths used in filesystem operations. This allows attackers to read and write arbitrary local files, allowing an attacker to gain remote code execution in common deployments.

References

github.com/sbaresearch/advisories/tree/public/2019/SBA-ADV-20191203-01_Monsta_FTP_Arbitrary_File_Read_and_Write

www.monstaftp.com/notes/