PT-2019-12655 · Ipswitch · Ws Ftp Server
Published
2019-06-11
·
Updated
2023-10-11
·
CVE-2019-12143
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Progress ipswitch WS FTP Server versions prior to 8.6.1
Description
A Directory Traversal issue was discovered in SSHServerAPI.dll. An attacker can supply a string using special patterns via the SCP protocol to disclose WS FTP usernames as well as filenames.
Recommendations
For versions prior to 8.6.1, update to version 8.6.1 or later to resolve the issue.
Fix
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ws Ftp Server