CVE-2009-4053
Last modified
CVE-2009-4053 is a medium-severity vulnerability rated 6.5/10 on the CVSS scale. Multiple directory traversal vulnerabilities in Home FTP Server 1.10.1.139 allow remote authenticated users to (1) create arbitrary directories via directory traversal sequences in an MKD command or (2) create files with any contents in arbitrary directories via directory traversal sequences in a file upload request. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.. EPSS estimates a 3.54% chance of exploitation in the next 30 days.
Description
Multiple directory traversal vulnerabilities in Home FTP Server 1.10.1.139 allow remote authenticated users to (1) create arbitrary directories via directory traversal sequences in an MKD command or (2) create files with any contents in arbitrary directories via directory traversal sequences in a file upload request. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Home Ftp Server Project | Home Ftp Server | 1.10.1.139 |
References
- http://secunia.com/advisories/37381Broken Link, Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/54303Third Party Advisory, VDB Entry
- http://secunia.com/advisories/37381Broken Link, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2009-4053?
How severe is CVE-2009-4053?
How do I fix CVE-2009-4053?
Are you affected by CVE-2009-4053?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST