Sabahattin Gucukoglu

**Name of the Vulnerable Software and Affected Versions** Apple Time Capsule, AirPort Extreme Base Station, and AirPort Express Base Station versions prior to 7.5.2 **Description** The issue allows remote attackers to use the device's IP address for arbitrary intranet TCP traffic by leveraging write access to an intranet FTP server. This is due to the Application-Level Gateway (ALG) modifying PORT commands in incoming FTP traffic. **Recommendations** For Apple Time Capsule, AirPort Extreme Base Station, and AirPort Express Base Station versions prior to 7.5.2, update the firmware to version 7.5.2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apple AirPort Express, AirPort Extreme, and Time Capsule version 7.5 **Description** The issue concerns the FTP proxy server, which does not properly restrict IP addresses and ports specified in a PORT command from a client. This allows remote attackers to use intranet FTP servers for arbitrary TCP forwarding by crafting a PORT command. **Recommendations** For Apple AirPort Express, AirPort Extreme, and Time Capsule version 7.5, consider restricting access to the FTP proxy server until a fix is available. As a temporary workaround, restrict the use of the PORT command to minimize the risk of exploitation.