header-logo
Suggest Exploit
vendor:
Wise-FTP
by:
SecurityFocus
7.5
CVSS
HIGH
Directory Traversal
22
CWE
Product Name: Wise-FTP
Affected Version From: Prior to 5.5.9
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: a:wise-ftp:wise-ftp
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008

WISE-FTP Directory Traversal Vulnerability

WISE-FTP is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting this issue allows an attacker to write arbitrary files to locations outside of the application's current directory. This could help the attacker launch further attacks.

Mitigation:

Ensure that user-supplied input is properly sanitized before being used.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/29844/info

WISE-FTP is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input.

Exploiting this issue allows an attacker to write arbitrary files to locations outside of the application's current directory. This could help the attacker launch further attacks.

Versions prior to WISE-FTP 5.5.9 are vulnerable.

Response to LIST:

\..\..\..\..\..\..\..\..\..\testfile.txt\r\n

Navigation

Suggest Exploit

Services By CQR