PT-2024-12771 · Unknown · Raidenftpd

Published 2024-02-13 · Updated 2024-10-21 · CVE-2023-38960

CVSS v3.1: 7.3 High

Vector: AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: RaidenFTPD version 2.4 build 4005

Description: The issue allows a local attacker to gain privileges and execute arbitrary code via a crafted executable running from the installation directory. This is due to an Insecure Permissions problem in the software.

Recommendations: For version 2.4 build 4005, consider restricting access to the installation directory to prevent local attackers from executing arbitrary code until a patch is available. As a temporary workaround, ensure that only trusted executables are run from the installation directory.

Exploit

Fix

Weakness Enumeration: Incorrect Default Permissions

Related Identifiers: CVE-2023-38960

Affected Products: Raidenftpd