6 matches found
EUVD-2026-33642
Use of hard-coded credentials in KS-SOMED allowed an unauthorized attacker access to FTP server that hosted the application's update packages. The attacker with these credentials could upload a malicious update file, which then may have been distributed and installed on client machines as a...
Insufficient Session Expiration
Overview Affected versions of this package are vulnerable to Insufficient Session Expiration in the SFTP access control process. An attacker can maintain unauthorized access to files by remaining connected to SFTP after their permissions have been revoked or after the game server has been deleted...
EUVD-2026-1041
Pterodactyl is a free, open-source game server management panel. Versions 1.11.11 and below do not revoke active SFTP connections when a user is removed from a server instance or has their permissions changes with respect to file access over SFTP. This allows a user that was already connected to...
CVE-2025-53868 BIG-IP SCP and SFTP vulnerability
When running in Appliance mode, a highly privileged authenticated attacker with access to SCP and SFTP may be able to bypass Appliance mode restrictions using undisclosed commands. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
PT-2024-40239 · Teleport · Teleport
Name of the Vulnerable Software and Affected Versions: Teleport versions prior to 12.4.31 Teleport versions prior to 13.4.13 Teleport versions prior to 14.2.4 Description: An attacker with access to nodes within the cluster may be able to SFTP to the Proxy Service. The user's permissions on the...
CVE-2018-3267
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: LFTP. The supported version that is affected is 11.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via FTP to compromise Solaris. Successful attacks of this...