CVE-2019-9648

MEDIUM

Core FTP <2.0 Build 674 - Path Traversal

Title source: llm
Exploitation Summary

EIP tracks 2 public exploits for CVE-2019-9648. PoCs published by Kevin Randall, KevinRandall1337.

AI-analyzed exploit summary: This exploit leverages a directory traversal vulnerability in CoreFTP Server via the SIZE command to check for the existence of arbitrary files on the remote system. It connects to the FTP server, authenticates anonymously, and attempts to traverse directories to locate a specified file (e.g., nslookup.exe).

Description

An issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674. A directory traversal vulnerability exists using the SIZE command along with a \..\..\ substring, allowing an attacker to enumerate file existence based on the returned information.

Exploits (2)

exploitdb WORKING POC
by Kevin Randall · text · dos · windows
https://www.exploit-db.com/exploits/46535

Classification: Working PoC 90%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: CoreFTP Server FTP / SFTP Server v2 - Build 674
Auth required
Prerequisites: Network access to the FTP server · Anonymous authentication enabled
devstral-2 · analyzed Feb 16, 2026

References (6)

Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/107446
Product, Vendor Advisory x_refsource_confirm
http://www.coreftp.com/forums/viewtopic.php?f=15&t=4022509
Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/46535
Exploit, Mailing List, Third Party Advisory mailing-list x_refsource_fulldisc
https://seclists.org/fulldisclosure/2019/Mar/23
Mailing List mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2019/Aug/21

Scores

CVSS v3 5.3
EPSS 0.1973
EPSS Percentile 95.6%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Details

CWE
CWE-22
Status published
Products (2)
coreftp/core_ftp 2.0
nuget/CoreFtp 0NuGet
Published Mar 22, 2019
Tracked Since Feb 18, 2026