Description
Directory traversal vulnerability in SoftX FTP Client 3.3 and possibly earlier allows remote FTP servers to write arbitrary files via "..\" (dot dot backslash) sequences in a filename.
References (3)
Core 3
Core References
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/40973
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/513085/100/0/threaded
Vendor Advisory x_refsource_misc
http://www.htbridge.ch/advisory/directory_traversal_in_softx_ftp_client.html
Scores
EPSS
0.0135
EPSS Percentile
68.2%
Details
CWE
CWE-22
Status
published
Products (1)
softx/ftp_client
3.3
Published
Aug 20, 2010
Tracked Since
Feb 18, 2026