CVE-2010-2425
Titan FTP Server < 8.10.1125 - Authenticated Path Traversal via COMB Command
Title source: llmDescription
Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read or delete arbitrary files via "..//" sequences in a COMB command.
References (4)
Core 4
Core References
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/40237
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/40949
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/511873/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/65622
Scores
EPSS
0.0122
EPSS Percentile
64.9%
Details
CWE
CWE-22
Status
published
Products (50)
southrivertech/titan_ftp_server
1.0.17
southrivertech/titan_ftp_server
1.0.18
southrivertech/titan_ftp_server
1.0.19
southrivertech/titan_ftp_server
1.0.20
southrivertech/titan_ftp_server
1.0.21
southrivertech/titan_ftp_server
1.0.22
southrivertech/titan_ftp_server
1.0.23
southrivertech/titan_ftp_server
1.0.24
southrivertech/titan_ftp_server
1.0.25
southrivertech/titan_ftp_server
1.0.26
... and 40 more
Published
Jun 24, 2010
Tracked Since
Feb 18, 2026