CVE-2011-4717

Zftpserver Suite - Path Traversal

Title source: rule

Description

Directory traversal vulnerability in zFTPServer Suite 6.0.0.52 allows remote authenticated users to delete arbitrary directories via a crafted RMD (aka rmdir) command.

Exploits (1)

exploitdb WORKING POC

by Stefan Schurtz · perlremotewindows

https://www.exploit-db.com/exploits/18235

View Code ZIP pw:eip

References (2)

[Various Sources] http://forum.zftpserver.com/viewtopic.php?f=4&t=2927

[Various Sources] http://www.infoserve.de/system/files/advisories/INFOSERVE-ADV2011-09.txt

Scores

EPSS 0.0114

EPSS Percentile 78.4%

Details

CWE

CWE-22

Status published

Products (1)

zftpserver/zftpserver_suite 6.0.0.52

Published Dec 20, 2011

Tracked Since Feb 18, 2026