CVE-2019-16116

EnterpriseDT CompleteFTP Server prior to version 12.1.3 is vulnerable to information exposure in the Bootstrap.log file. This allows an attacker to obtain the administrator password hash...

CVE-2019-16864

CompleteFTPService.exe in the server in EnterpriseDT CompleteFTP before 12.1.4 allows Remote Code Execution by leveraging a Windows user account that has SSH access. The exec command is always run as SYSTEM...

EUVD-2019-6957

Malware in sbrugna...

CVE-2022-2560

This vulnerability allows remote attackers to delete arbitrary files on affected installations of EnterpriseDT CompleteFTP 22.1.0 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HttpFile class. The issue results from the lack of proper...

CVE-2022-2560

This vulnerability allows remote attackers to delete arbitrary files on affected installations of EnterpriseDT CompleteFTP 22.1.0 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HttpFile class. The issue results from the lack of proper...

CVE-2022-2560

This vulnerability allows remote attackers to delete arbitrary files on affected installations of EnterpriseDT CompleteFTP 22.1.0 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HttpFile class. The issue results from the lack of proper...

Design/Logic Flaw

This vulnerability allows remote attackers to delete arbitrary files on affected installations of EnterpriseDT CompleteFTP 22.1.0 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HttpFile class. The issue results from the lack of proper...

CVE-2022-2560

This vulnerability allows remote attackers to delete arbitrary files on affected installations of EnterpriseDT CompleteFTP 22.1.0 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HttpFile class. The issue results from the lack of proper...

CVE-2022-2560

This vulnerability allows remote attackers to delete arbitrary files on affected installations of EnterpriseDT CompleteFTP 22.1.0 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HttpFile class. The issue results from the lack of proper...

Enterprise Distributed Technologies CompleteFTP Server 路径遍历漏洞

Enterprise Distributed Technologies CompleteFTP Server is a Windows-based SFTP SHH File Transfer Protocol server from Enterprise Distributed Technologies, Australia. A path traversal vulnerability exists in Enterprise Distributed Technologies CompleteFTP Server version v22.1.0, which arises from...

CVE-2022-2560

CVE-2022-2560 affects EnterpriseDT CompleteFTP Server (version 22.1.0) with a flaw in the HttpFile class that fails to validate a user-supplied path before file operations. This allows remote attackers to delete arbitrary files with SYSTEM privileges and no authentication. Multiple connected sour...

EnterpriseDT CompleteFTP Server HttpFile Directory Traversal Arbitrary File Deletion Vulnerability

This vulnerability allows remote attackers to delete arbitrary files on affected installations of EnterpriseDT CompleteFTP Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HttpFile class. The issue results from the lack of proper validation...

CVE-2019-16864

CompleteFTPService.exe in the server in EnterpriseDT CompleteFTP before 12.1.4 allows Remote Code Execution by leveraging a Windows user account that has SSH access. The exec command is always run as SYSTEM...

CVE-2019-16864

CompleteFTPService.exe in the server in EnterpriseDT CompleteFTP before 12.1.4 allows Remote Code Execution by leveraging a Windows user account that has SSH access. The exec command is always run as SYSTEM...

CVE-2019-16864

Affected product: EnterpriseDT CompleteFTP Server. Vulnerable if running CompleteFTP before 12.1.4; RCE via SSH: CompleteFTPService.exe executes the attacker’s command as SYSTEM, triggered by a Windows user with SSH access. Impact: remote code execution without user interaction. Remediation: upgr...

Enterprise Distributed Technologies CompleteFTP Server 命令注入漏洞

Enterprise Distributed Technologies CompleteFTP Server is a Windows-based SFTP SHH File Transfer Protocol server from Enterprise Distributed Technologies, Australia. A security vulnerability exists in Enterprise Distributed Technologies CompleteFTP Server versions prior to 12.1.4 that stems from...

CompleteFTP Professional 12.1.3 - Remote Code Execution

Exploit Title: CompleteFTP Professional 12.1.3 - Remote Code Execution Date: 2020-03-11 Exploit Author: 1F98D Original Author: Rhino Security Labs Vendor Homepage: https://enterprisedt.com/products/completeftp/ Version: CompleteFTP Professional Tested on: Windows 10 x64 CVE: CVE‑2019‑16116...

CVE-2019-16116

EnterpriseDT CompleteFTP Server prior to version 12.1.3 is vulnerable to information exposure in the Bootstrap.log file. This allows an attacker to obtain the administrator password hash...

Information disclosure

EnterpriseDT CompleteFTP Server prior to version 12.1.3 is vulnerable to information exposure in the Bootstrap.log file. This allows an attacker to obtain the administrator password hash...

CVE-2019-16116

CVE-2019-16116 affects EnterpriseDT CompleteFTP Server prior to version 12.1.3, where the Bootstrap.log file could leak the administrator password hash. Public sources describe a path where installation logging obscures the password, enabling an attacker to obtain credentials if remote administra...