Description
Directory traversal vulnerability in WinFrigate Frigate 3 FTP client 3.36 and earlier allows remote FTP servers to overwrite arbitrary files via a "..\" (dot dot backslash) in a filename.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_misc
http://www.htbridge.ch/advisory/directory_traversal_in_frigate_3_built_in_ftp_client.html
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/40898
Scores
EPSS
0.0152
EPSS Percentile
71.5%
Details
CWE
CWE-22
Status
published
Products (20)
winfrigate/frigate_3
3.17
winfrigate/frigate_3
3.18
winfrigate/frigate_3
3.19
winfrigate/frigate_3
3.20
winfrigate/frigate_3
3.21
winfrigate/frigate_3
3.22
winfrigate/frigate_3
3.23
winfrigate/frigate_3
3.24
winfrigate/frigate_3
3.25
winfrigate/frigate_3
3.26
... and 10 more
Published
Aug 20, 2010
Tracked Since
Feb 18, 2026