Rvlaboratory

**Name of the Vulnerable Software and Affected Versions** ColoradoFTP Server versions prior to 1.3 Build 9 **Description** A directory traversal issue exists in ColoradoFTP Server, allowing unauthenticated attackers to read or write arbitrary files outside the configured FTP root directory. The flaw is due to insufficient sanitation of user-supplied file paths in the FTP GET and PUT command handlers. Exploitation is possible by submitting traversal sequences during FTP operations, enabling access to system-sensitive files. This issue affects only the Windows version of ColoradoFTP. **Recommendations** Update to a version prior to 1.3 Build 9.