CVE-2010-4790

FilterFTP 2.0.3 and 2.0.5 - Path Traversal via Dot Dot Backslash in Filename

Title source: llm
STIX 2.1

Description

Directory traversal vulnerability in FilterFTP 2.0.3, 2.0.5, and probably earlier versions, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename. NOTE: some of these details are obtained from third party information.

References (5)

Core 5
Core References
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/41737
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/514182/100/0/threaded
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/8218

Scores

EPSS 0.0114
EPSS Percentile 62.7%

Details

CWE
CWE-22
Status published
Products (2)
in-mediakg/filterftp 2.0.3
in-mediakg/filterftp < 2.0.5
Published Apr 27, 2011
Tracked Since Feb 18, 2026