vendor:
Product Name
by:
Anonymous
7.8
CVSS
HIGH
Directory Traversal
22
CWE
Product Name: Product Name
Affected Version From: 1
Affected Version To: 2
Patch Exists: YES
Related CWE: CVE-2020-1234
CPE: a:vendor:product_name
Other Scripts:
https://www.infosecmatter.com/nessus-plugin-library/?id=137254, https://www.infosecmatter.com/nessus-plugin-library/?id=135640, https://www.infosecmatter.com/nessus-plugin-library/?id=94362, https://www.infosecmatter.com/nessus-plugin-library/?id=139006, https://www.infosecmatter.com/nessus-plugin-library/?id=82619, https://www.infosecmatter.com/metasploit-module-library/?mm=auxiliary/admin/dcerpc/cve_2020_1472_zerologon, https://www.infosecmatter.com/metasploit-module-library/?mm=auxiliary/admin/dcerpc/cve_2021_1675_printnightmare, https://www.infosecmatter.com/nessus-plugin-library/?id=134367, https://www.infosecmatter.com/nessus-plugin-library/?id=124064, https://www.infosecmatter.com/metasploit-module-library/?mm=exploit/windows/http/plex_unpickle_dict_rce
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Linux, Windows, Mac
2020
FTP MKD Directory Traversal Vulnerability
This exploit allows an attacker to traverse outside the FTP root directory by using the MKD command. The MKD command is used to create a directory on the FTP server. By using a relative path, the attacker can traverse outside the FTP root directory and access files and directories that are not intended to be accessible.
Mitigation:
Ensure that the FTP server is configured to restrict access to the root directory and its subdirectories.