Lucene search
HistoryNov 03, 2010 - 8:00 p.m.
CVE-2010-4153
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
6.8 Medium
AI Score
Confidence
High
0.004 Low
EPSS
Percentile
72.9%
Directory traversal vulnerability in CrossFTP Pro 1.65a, and probably earlier, allows remote FTP servers to write arbitrary files via a "…" (dot dot backslash) in a filename.
Affected configurations
Node
crossftpcrossftp_proRange≤1.65a
ORcrossftpcrossftp_proMatch1.14
ORcrossftpcrossftp_proMatch1.15
ORcrossftpcrossftp_proMatch1.16
ORcrossftpcrossftp_proMatch1.17
ORcrossftpcrossftp_proMatch1.18
ORcrossftpcrossftp_proMatch1.19
ORcrossftpcrossftp_proMatch1.20
ORcrossftpcrossftp_proMatch1.21
ORcrossftpcrossftp_proMatch1.22
ORcrossftpcrossftp_proMatch1.23
ORcrossftpcrossftp_proMatch1.24
ORcrossftpcrossftp_proMatch1.25
ORcrossftpcrossftp_proMatch1.26
ORcrossftpcrossftp_proMatch1.27
ORcrossftpcrossftp_proMatch1.28
ORcrossftpcrossftp_proMatch1.29
ORcrossftpcrossftp_proMatch1.30
ORcrossftpcrossftp_proMatch1.31
ORcrossftpcrossftp_proMatch1.32
ORcrossftpcrossftp_proMatch1.33
ORcrossftpcrossftp_proMatch1.34
ORcrossftpcrossftp_proMatch1.35
ORcrossftpcrossftp_proMatch1.36
ORcrossftpcrossftp_proMatch1.37
ORcrossftpcrossftp_proMatch1.38
ORcrossftpcrossftp_proMatch1.39
ORcrossftpcrossftp_proMatch1.40
ORcrossftpcrossftp_proMatch1.41
ORcrossftpcrossftp_proMatch1.42
ORcrossftpcrossftp_proMatch1.50
ORcrossftpcrossftp_proMatch1.51
ORcrossftpcrossftp_proMatch1.52
ORcrossftpcrossftp_proMatch1.53
Related
cve
cve
CVE-2010-4153
2010-11-03 20:00:03
htbridge
htbridge
Directory Traversal Vulnerability in CrossFTP Pro
2010-09-27 00:00:00
prion
prion
Directory traversal
2010-11-03 20:00:00
cvelist
cvelist
CVE-2010-4153
2010-11-03 19:00:00
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
6.8 Medium
AI Score
Confidence
High
0.004 Low
EPSS
Percentile
72.9%
Related for NVD:CVE-2010-4153