CVE-2023-45685 Arbitrary file write via "zip slip" in Titan MFT and Titan SFTP servers

2023-10-1616:08:25

CWE-22

rapid7

github.com

cve-2023-45685

zip slip

path validation

south river technologies

windows

linux

authenticated attacker

filesystem

path traversal

AI Score

6.7

Confidence

Low

SSVC

Exploitation

none

Automatable

Technical Impact

total

JSON

Insufficient path validation when extracting a zip archive in South River Technologies’ Titan MFT and Titan SFTP servers on Windows and Linux allows an authenticated attacker to write a file to any location on the filesystem via path traversal

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:south_river_technologies:titan_mft:*:*:*:*:*:*:*:*"
    ],
    "vendor": "south_river_technologies",
    "product": "titan_mft",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "versionType": "custom",
        "lessThanOrEqual": "2.0.17.2298"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "cpes": [
      "cpe:2.3:a:south_river_technologies:titan_sftp:*:*:*:*:*:*:*:*"
    ],
    "vendor": "south_river_technologies",
    "product": "titan_sftp",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "versionType": "custom",
        "lessThanOrEqual": "2.0.17.2298"
      }
    ],
    "defaultStatus": "unknown"
  }
]