CVE-2019-12815

CRITICAL

ProFTPD <= 1.3.5b - Unauthenticated Arbitrary File Copy and Remote Code Execution

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2019-12815. PoCs published by KTN1990, lcartey.

AI-analyzed exploit summary The repository contains a Python script designed to scan for ProFTPD servers vulnerable to CVE-2019-12815, which involves an arbitrary file copy vulnerability in the mod_copy module. The script checks for anonymous access and the presence of the 'SITE CPFR' command, but does not include exploit code to perform the file copy operation.

Description

An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306.

Exploits (2)

nomisec SCANNER 4 stars
by KTN1990 · poc
https://github.com/KTN1990/CVE-2019-12815

The repository contains a Python script designed to scan for ProFTPD servers vulnerable to CVE-2019-12815, which involves an arbitrary file copy vulnerability in the mod_copy module. The script checks for anonymous access and the presence of the 'SITE CPFR' command, but does not include exploit code to perform the file copy operation.

Classification
Scanner 95%
Attack Type
Info Leak
Complexity
Moderate
Reliability
Reliable
Target: ProFTPD with mod_copy module
No auth needed
Prerequisites: List of target IPs or domains · Network access to port 21
devstral-2 · analyzed Feb 18, 2026 Full analysis →
nomisec WORKING POC
by lcartey · poc
https://github.com/lcartey/proftpd-cve-2019-12815

This repository contains a functional exploit for CVE-2019-12815, a vulnerability in ProFTPD. The exploit demonstrates the vulnerability by leveraging the affected software's codebase and configuration to trigger the issue.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: ProFTPD 1.3.7rc1
No auth needed
Prerequisites: Access to a vulnerable ProFTPD server
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (15)

Core 15
Core References
Patch, Third Party Advisory x_refsource_misc
https://tbspace.de/cve201912815proftpd.html
Exploit, Issue Tracking, Patch, Vendor Advisory x_refsource_misc
http://bugs.proftpd.org/show_bug.cgi?id=4372
Patch, Third Party Advisory x_refsource_misc
https://github.com/proftpd/proftpd/pull/816
Broken Link, Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/109339
Mailing List, Third Party Advisory mailing-list x_refsource_bugtraq
https://seclists.org/bugtraq/2019/Aug/3
Third Party Advisory vendor-advisory x_refsource_debian
https://www.debian.org/security/2019/dsa-4491
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2019/08/msg00006.html
Third Party Advisory vendor-advisory x_refsource_gentoo
https://security.gentoo.org/glsa/201908-16
Third Party Advisory x_refsource_confirm
https://cert-portal.siemens.com/productcert/pdf/ssa-940889.pdf

Scores

CVSS v3 9.8
EPSS 0.5761
EPSS Percentile 99.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-755
Status published
Products (7)
debian/debian_linux 8.0
debian/debian_linux 9.0
debian/debian_linux 10.0
fedoraproject/fedora 29
fedoraproject/fedora 30
proftpd/proftpd < 1.3.5b
siemens/simatic_cp_1543-1_firmware 2.0 - 2.2
Published Jul 19, 2019
Tracked Since Feb 18, 2026