Strix
26.1K

CVE-2010-2425

UnknownEPSS 1.22%

Last modified

CVE-2010-2425 is a vulnerability of currently unknown severity. Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read or delete arbitrary files via "..//" sequences in a COMB command.. EPSS estimates a 1.22% chance of exploitation in the next 30 days.

Description

Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read or delete arbitrary files via "..//" sequences in a COMB command.

Metrics

EPSS Probability
1.22%

64.7th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersionsUpdate
SouthrivertechTitan Ftp Server<= 8.10.1125
SouthrivertechTitan Ftp Server1.0.17
SouthrivertechTitan Ftp Server1.0.18
SouthrivertechTitan Ftp Server1.0.19
SouthrivertechTitan Ftp Server1.0.20
SouthrivertechTitan Ftp Server1.0.21
SouthrivertechTitan Ftp Server1.0.22
SouthrivertechTitan Ftp Server1.0.23
SouthrivertechTitan Ftp Server1.0.24
SouthrivertechTitan Ftp Server1.0.25
SouthrivertechTitan Ftp Server1.0.26
SouthrivertechTitan Ftp Server1.0.27
SouthrivertechTitan Ftp Server1.0.28
SouthrivertechTitan Ftp Server1.0.29
SouthrivertechTitan Ftp Server1.0.30
SouthrivertechTitan Ftp Server1.0.31
SouthrivertechTitan Ftp Server1.1.33
SouthrivertechTitan Ftp Server1.11.34
SouthrivertechTitan Ftp Server2.0.44Beta
SouthrivertechTitan Ftp Server2.00.95
SouthrivertechTitan Ftp Server2.01.96
SouthrivertechTitan Ftp Server2.02.99
SouthrivertechTitan Ftp Server2.10.119
SouthrivertechTitan Ftp Server2.10.120
SouthrivertechTitan Ftp Server2.10.121
SouthrivertechTitan Ftp Server2.11.132
SouthrivertechTitan Ftp Server2.20.140
SouthrivertechTitan Ftp Server2.21.142
SouthrivertechTitan Ftp Server2.30.151
SouthrivertechTitan Ftp Server2.31.152
SouthrivertechTitan Ftp Server2.40.155
SouthrivertechTitan Ftp Server3.00.162
SouthrivertechTitan Ftp Server3.01.163
SouthrivertechTitan Ftp Server3.02.165
SouthrivertechTitan Ftp Server3.10.169
SouthrivertechTitan Ftp Server3.12.172
SouthrivertechTitan Ftp Server3.20.175
SouthrivertechTitan Ftp Server3.21.177
SouthrivertechTitan Ftp Server3.22.178
SouthrivertechTitan Ftp Server3.30.186
SouthrivertechTitan Ftp Server4.00.245
SouthrivertechTitan Ftp Server4.01.246
SouthrivertechTitan Ftp Server4.02.248
SouthrivertechTitan Ftp Server4.03.249
SouthrivertechTitan Ftp Server4.05.252
SouthrivertechTitan Ftp Server4.10.256
SouthrivertechTitan Ftp Server4.11.257
SouthrivertechTitan Ftp Server4.13.260
SouthrivertechTitan Ftp Server4.14.261
SouthrivertechTitan Ftp Server4.20.263

Showing 50 of 126 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2010-2425?
Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read or delete arbitrary files via "..//" sequences in a COMB command.
How severe is CVE-2010-2425?
Severity scoring for CVE-2010-2425 is pending analysis. The EPSS model estimates a 1.22% probability of exploitation in the next 30 days.
How do I fix CVE-2010-2425?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2010-2425?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST