3 matches found
CVE-2019-12144
CVE-2019-12144 affects Progress IPSwitch WS_FTP Server 2018 (before 8.6.1). The issue is in SSHServerAPI.dll and enables path traversal via SCP, with potential remote code execution by crafting a payload that abuses the SITE command feature. Multiple connected sources (NVD entry, CNVD entry, PRIO...
CVE-2019-12145
CVE-2019-12145 affects Progress IPSwitch WS_FTP Server 2018 up to version 8.6.0. The flaw resides in SSHServerAPI.dll, allowing a directory-traversal via crafted strings sent over SCP, enabling an attacker to disclose pathnames on the host operating system. The vulnerability is a path-disclosure ...
CVE-2019-12146
CVE-2019-12146 affects Progress Ipswitch WS_FTP Server 2018 before 8.6.1. Vulnerable component: SSHServerAPI.dll; SCP listener flaw allows crafted strings to write files and create directories outside the authorized directory. Attack surface is network-exposed; impact includes potential unauthori...