CVE-2016-5725

MEDIUM

JCraft JSch <0.1.54 - Path Traversal


Exploitation Summary

EIP tracks 1 public exploit for CVE-2016-5725. PoCs published by tintinweb.

AI-analyzed exploit summary: This exploit demonstrates a path traversal vulnerability in JSch (CVE-2016-5725) where a malicious SFTP server can force a client to write files outside the intended download directory. The PoC uses a modified SFTP server to serve a file with a traversal path, which the JSch client then downloads to an unintended location.

Description

Directory traversal vulnerability in JCraft JSch before 0.1.54 on Windows, when the mode is ChannelSftp.OVERWRITE, allows remote SFTP servers to write to arbitrary files via a ..\ (dot dot backslash) in a response to a recursive GET command.

Exploits (1)

exploitdb WORKING POC VERIFIED
by tintinweb · text · dos · windows
https://www.exploit-db.com/exploits/40411

Classification: Working PoC 100%
Attack Type: Other
Complexity: Moderate
Reliability: Reliable
Target: JSch 0.1.53 and earlier
Auth required
Prerequisites: Access to a vulnerable JSch client · Ability to set up a malicious SFTP server
devstral-2 · analyzed Feb 16, 2026

References (11)

Core References
Mailing List, Third Party Advisory mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2016/Sep/53
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/93100
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2017:3115
Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/40411/
Mailing List mailing-list x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2020/04/msg00017.html
Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/138809/jsch-0.1.53-Path-Traversal.html
Release Notes x_refsource_confirm
http://www.jcraft.com/jsch/ChangeLog

Scores

CVSS v3 5.9
EPSS 0.2414
EPSS Percentile 97.6%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Details

CWE CWE-22
Status published
Products (2)
com.jcraft/jsch 0 - 0.1.54 (Maven)
jcraft/jsch < 0.1.53
Published Jan 19, 2017
Tracked Since Feb 18, 2026