PT-2024-39990

Name of the Vulnerable Software and Affected Versions WS FTP Server versions prior to 8.8.9 Description The issue is related to an incorrect implementation of the authentication algorithm in the Web Transfer Module, allowing users to bypass the second-factor verification and log in using only the...

PT-2024-38553 · Ipswitch · Ws Ftp Server

Name of the Vulnerable Software and Affected Versions: WS FTP Server versions prior to 8.8.8 Description: A missing critical step in the multi-factor authentication of the Web Transfer Module allows users to skip the second-factor verification and log in with username and password only...

PT-2023-5770 · Ipswitch · Ws Ftp Server

Name of the Vulnerable Software and Affected Versions: WS FTP Server versions prior to 8.7.4 and 8.8.2 Description: A directory traversal vulnerability was discovered in WS FTP Server, allowing an attacker to perform file operations such as delete, rename, rmdir, and mkdir on files and folders...

PT-2022-23713 · Ipswitch · Ws Ftp Server

Name of the Vulnerable Software and Affected Versions: WS FTP Server versions prior to 8.7.3 Description: The administrative web interface of WS FTP Server contains multiple reflected cross-site scripting XSS vulnerabilities. A remote attacker can inject arbitrary JavaScript into a WS FTP...

ipswitch WS_FTP Server Directory Traversal Vulnerability (CNVD-2019-24249)

ipswitch WSFTP Server is an FTP service program for Windows systems. A directory traversal vulnerability exists in SSHServerAPI.dll in ipswitch WSFTP Server versions prior to 2018 8.6.1. The vulnerability can be exploited by an attacker to obtain WSFTP usernames and filenames via the SCP protocol...

PT-2006-5602 · Ipswitch · Ipswitch Ws Ftp Server

Name of the Vulnerable Software and Affected Versions: Ipswitch WS FTP Server version 5.05 before Hotfix 1 Description: The issue is related to multiple buffer overflows that allow remote authenticated users to execute arbitrary code. This can be achieved by sending long XCRC, XSHA1, or XMD5...

PT-2004-2783 · Ipswitch · Ipswitch Ws Ftp Server

Name of the Vulnerable Software and Affected Versions: Ipswitch WS FTP Server version 4.0.2 Description: The issue allows remote attackers to gain access due to a backdoor with the XXSESS MGRYY username that has a default password. Recommendations: For Ipswitch WS FTP Server version 4.0.2, change...

PT-1999-1600 · Ipswitch · Ws Ftp

Name of the Vulnerable Software and Affected Versions: IPswitch WS FTP affected versions not specified Description: The issue allows local users to gain additional privileges and modify or add mail accounts by setting the flags registry key to 1920. Recommendations: At the moment, there is no...