CVE-2010-2425

Titan FTP Server < 8.10.1125 - Authenticated Path Traversal via COMB Command

Title source: llm
STIX 2.1

Description

Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read or delete arbitrary files via "..//" sequences in a COMB command.

References (4)

Core 4
Core References
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/40237
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/40949
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/511873/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/65622

Scores

EPSS 0.0122
EPSS Percentile 64.9%

Details

CWE
CWE-22
Status published
Products (50)
southrivertech/titan_ftp_server 1.0.17
southrivertech/titan_ftp_server 1.0.18
southrivertech/titan_ftp_server 1.0.19
southrivertech/titan_ftp_server 1.0.20
southrivertech/titan_ftp_server 1.0.21
southrivertech/titan_ftp_server 1.0.22
southrivertech/titan_ftp_server 1.0.23
southrivertech/titan_ftp_server 1.0.24
southrivertech/titan_ftp_server 1.0.25
southrivertech/titan_ftp_server 1.0.26
... and 40 more
Published Jun 24, 2010
Tracked Since Feb 18, 2026