2 matches found
CVE-2020-23040
Sky File v2.1.0 is affected by a directory traversal vulnerability in its FTP server that allows an attacker to access sensitive data via 'null' path commands. The issue arises from improper handling of directory traversal, enabling access to files outside the intended directory. Affected compone...
CVE-2020-36488
CVE-2020-36488 describes a directory-traversal flaw in the FTP server of Sky File v2.1.0. The issue allows attackers to traverse directories using the /null// path commands, indicating improper input handling/validation in the server component. Per CVSS data in the initial document, the vulnerabi...