CVE-2017-6510

HIGH

Efssoft Easy File Sharing FTP Server < 3.6 - Path Traversal

Title source: rule

Description

Easy File Sharing FTP Server version 3.6 is vulnerable to a directory traversal vulnerability which allows an attacker to list and download any file from any folder outside the FTP root Directory.

Exploits (1)

metasploit WORKING POC

by Ahmed Elhady Mohamed · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/ftp/easy_file_sharing_ftp.rb

View Code ZIP pw:eip

References (2)

[Third Party Advisory] https://www.rapid7.com/db/modules/auxiliary/scanner/ftp/easy_file_sharing_ftp

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/96944

Scores

CVSS v3 7.5

EPSS 0.5981

EPSS Percentile 98.3%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-22

Status published

Products (1)

efssoft/easy_file_sharing_ftp_server < 3.6

Published Mar 16, 2017

Tracked Since Feb 18, 2026