CVE-2014-1842

NUCLEI

Titan FTP Server <10.40.1829 - Path Traversal

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-1842. PoCs published by Fara Rustein. A Nuclei detection template is also available.

AI-analyzed exploit summary This document describes multiple directory traversal vulnerabilities in Titan FTP Server, including user enumeration and unauthorized access to user folders via path manipulation in the web interface.

Description

Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to list all usernames via a Go action with a .. (dot dot) in the search-bar value.

Exploits (1)

exploitdb WRITEUP
by Fara Rustein · textwebappswindows
https://www.exploit-db.com/exploits/31579

This document describes multiple directory traversal vulnerabilities in Titan FTP Server, including user enumeration and unauthorized access to user folders via path manipulation in the web interface.

Classification
Writeup 100%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Titan FTP Server (Version 10.32 Build 1816)
Auth required
Prerequisites: Access to the Titan FTP Server web interface · Valid credentials for authenticated attacks
devstral-2 · analyzed Feb 18, 2026 Full analysis →

Nuclei Templates (1)

Titan FTP Server Search Function < 10.40 - User Enumeration
MEDIUMVERIFIEDby pussycat0x
Shodan: product:"Titan ftpd"

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/103196
Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/31579
Third Party Advisory mailing-list x_refsource_fulldisc
http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0092.html

Scores

EPSS 0.0245
EPSS Percentile 85.6%

Details

CWE
CWE-22
Status published
Products (4)
southrivertech/titan_ftp_server 10.0.1733
southrivertech/titan_ftp_server 10.01.1740
southrivertech/titan_ftp_server 10.30
southrivertech/titan_ftp_server < 10.40
Published Apr 29, 2014
Tracked Since Feb 18, 2026