CVE-2015-7601

PCMan's FTP Server <2.0.7 - Path Traversal

Title source: llm

Description

Directory traversal vulnerability in PCMan's FTP Server 2.0.7 allows remote attackers to read arbitrary files via a ..// (dot dot double slash) in a RETR command.

Exploits (2)

metasploit WORKING POC
by Jay Turla, James Fitts · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/ftp/pcman_ftp_traversal.rb
exploitdb WORKING POC
by Jay Turla · pythonremotewindows
https://www.exploit-db.com/exploits/38340

References (2)

Scores

EPSS 0.5258
EPSS Percentile 97.9%

Classification

CWE
CWE-22
Status draft

Affected Products (1)

pcman\'s_ftp_server_project/pcman\'s_ftp_server

Timeline

Published Sep 29, 2015
Tracked Since Feb 18, 2026