Sftpgo Security Vulnerabilities and Issues — Sftpgo CVE List

Lucene search

DrakkanSftpgo

3 matches found

CVE•added 2024/06/20 6:15 p.m.•71 views

CVE-2024-37897

SFTPGo is a full-featured and highly configurable SFTP, HTTP/S, FTP/S and WebDAV server - S3, Google Cloud Storage, Azure Blob. SFTPGo WebAdmin and WebClient support password reset. This feature is disabled in the default configuration.In SFTPGo versions prior to v2.6.1, if the feature is enabled, ...

5.4CVSS5.5AI score0.00126EPSS

CVE•added 2024/11/29 7:15 p.m.•46 views

CVE-2024-52801

sftpgo is a full-featured and highly configurable event-driven file transfer solution. Server protocols: SFTP, HTTP/S, FTP/S, WebDAV. The OpenID Connect implementation allows authenticated users to brute force session cookies and thereby gain access to other users' data, since the cookies are gener...

5.3CVSS6.7AI score0.0008EPSS

CVE•added 2024/11/21 6:15 p.m.•44 views

CVE-2024-52309

SFTPGo is a full-featured and highly configurable SFTP, HTTP/S, FTP/S and WebDAV server - S3, Google Cloud Storage, Azure Blob. One powerful feature of SFTPGo is the ability to have the EventManager execute scripts or run applications in response to certain events. This feature is very common in al...

5.1CVSS6.8AI score0.00203EPSS