Unknown · Liquidfiles · CVE-2025-46093
**Name of the Vulnerable Software and Affected Versions**
LiquidFiles versions prior to 4.1.2
**Description**
LiquidFiles versions prior to 4.1.2 support FTP `SITE CHMOD` for mode 6777 (setuid and setgid). This allows FTPDrop users to execute arbitrary code as root by leveraging the Actionscript feature and the sudoers configuration.
**Recommendations**
Update LiquidFiles to version 4.1.2 or later.