CVE-2010-4790
FilterFTP 2.0.3 and 2.0.5 - Path Traversal via Dot Dot Backslash in Filename
Title source: llmDescription
Directory traversal vulnerability in FilterFTP 2.0.3, 2.0.5, and probably earlier versions, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename. NOTE: some of these details are obtained from third party information.
References (5)
Core 5
Core References
Exploit x_refsource_misc
http://packetstormsecurity.org/1010-exploits/filterftp-traversal.txt
Exploit x_refsource_misc
http://www.htbridge.ch/advisory/directory_traversal_vulnerability_in_filterftp.html
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/41737
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/514182/100/0/threaded
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/8218
Scores
EPSS
0.0114
EPSS Percentile
62.7%
Details
CWE
CWE-22
Status
published
Products (2)
in-mediakg/filterftp
2.0.3
in-mediakg/filterftp
< 2.0.5
Published
Apr 27, 2011
Tracked Since
Feb 18, 2026