PT-2020-20245 · Wing Ftp · Wing Ftp Server

Published

2020-03-06

Updated

2021-07-21

CVE-2020-8635

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Wing FTP Server version 6.2.3

Description The issue allows local users to create FTP users with full privileges and escalate privileges within the operating system by modifying system files due to insecure permissions set on installation directories and configuration files.

Recommendations For Wing FTP Server version 6.2.3, manually adjust the permissions of the installation directories and configuration files to prevent unauthorized access and modifications.

Exploit

Fix

Incorrect Permission

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-732

Related Identifiers

CVE-2020-8635

Affected Products

Wing Ftp Server

PT-2020-20245 · Wing Ftp · Wing Ftp Server

CVE-2020-8635

Weakness Enumeration

Related Identifiers

Affected Products

References · 4