CVE-2014-1843

NUCLEI

Titan FTP Server <10.40.1829 - Path Traversal

Title source: llm

Description

Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to obtain the property information of an arbitrary home folder via a Properties action with a .. (dot dot) in the src parameter.

Exploits (1)

exploitdb WRITEUP

by Fara Rustein · textwebappswindows

https://www.exploit-db.com/exploits/31579

View Code ZIP pw:eip

Nuclei Templates (1)

Titan FTP Server < 10.40 - User Properties Traversal

MEDIUMVERIFIEDby pussycat0x

Shodan: product:"Titan ftpd"

References (4)

[Third Party Advisory] http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0092.html

[Exploit] http://www.exploit-db.com/exploits/31579

[Third Party Advisory, VDB Entry] http://www.osvdb.org/103197

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/65469

Scores

EPSS 0.0358

EPSS Percentile 87.8%

Details

CWE

CWE-22

Status published

Products (4)

southrivertech/titan_ftp_server 10.0.1733

southrivertech/titan_ftp_server 10.01.1740

southrivertech/titan_ftp_server 10.30

southrivertech/titan_ftp_server < 10.40

Published Apr 29, 2014

Tracked Since Feb 18, 2026