CVE-2011-4722
Ipswitch Tftp Server - Path Traversal
Title source: ruleDescription
Directory traversal vulnerability in the TFTP Server 1.0.0.24 in Ipswitch WhatsUp Gold allows remote attackers to read arbitrary files via a .. (dot dot) in the Filename field of an RRQ operation.
Exploits (2)
exploitdb
WORKING POC
VERIFIED
by SecPod Research · textremotewindows
https://www.exploit-db.com/exploits/18189
metasploit
WORKING POC
by Prabhu S Angadi, sinn3r, juan vazquez · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/tftp/ipswitch_whatsupgold_tftp.rb
References (7)
Scores
EPSS
0.2079
EPSS Percentile
95.6%
Details
CWE
CWE-22
Status
published
Products (1)
ipswitch/tftp_server
1.0.0.24
Published
Dec 28, 2014
Tracked Since
Feb 18, 2026