CVE-2013-1625

Titan FTP Administrative Password Disclosure

Exploitation Summary

EIP tracks 1 public exploit for CVE-2013-1625. PoCs published by Spencer McIntyre, including Metasploit module auxiliary/scanner/http/titan_ftp_admin_pwd.

AI-analyzed exploit summary: This Metasploit module exploits an information disclosure vulnerability in Titan FTP servers prior to version 9.14.1628. By sending a malformed XML request with fake authentication, the server responds with legitimate administrative credentials, allowing full control over the FTP service.

Description

On Titan FTP servers prior to version 9.14.1628, an attacker can retrieve the username and password for the administrative XML-RPC interface, which listens on TCP Port 31001 by default, by sending an XML request containing bogus authentication information. After sending this request, the server responds with the legitimate username and password for the service. With this information, an attacker has complete control over the FTP service, which includes the ability to add and remove FTP users, as well as add, remove, and modify available directories and their permissions.

Exploits (1)

metasploit WORKING POC
by Spencer McIntyre · ruby · poc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/titan_ftp_admin_pwd.rb

Classification: Working PoC 100%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: Titan FTP Server < 9.14.1628
Authentication: No auth needed
Prerequisites: Network access to TCP port 31001
devstral-2 · analyzed Feb 16, 2026

Details

Status: draft
Tracked Since: Feb 18, 2026