Yanra

**Name of the Vulnerable Software and Affected Versions** pyftpdlib versions prior to 0.2.0 **Description** The issue allows remote authenticated users to access arbitrary files and directories via a .. (dot dot) in a (1) LIST, (2) STOR, or (3) RETR command. This is due to multiple directory traversal vulnerabilities in FTPServer.py. **Recommendations** For pyftpdlib versions prior to 0.2.0, update to version 0.2.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the LIST, STOR, and RETR commands until a patch is available. Avoid using the .. (dot dot) notation in these commands to minimize the risk of exploitation.