CVE-2020-20277

CRITICAL

uftpd 2.7-2.10 - Unauthenticated Directory Traversal via FTP Command Chroot Bypass


Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-20277. PoCs published by Aaron Esau.

AI-analyzed exploit summary: This exploit demonstrates a directory traversal vulnerability in uftpd versions 2.7 to 2.10, allowing authenticated users (or unauthenticated if anonymous login is enabled) to read arbitrary files on the system. The PoC involves using FTP commands to traverse directories and retrieve sensitive files like /etc/passwd.

Description

There are multiple unauthenticated directory traversal vulnerabilities in different FTP commands in uftpd FTP server versions 2.7 to 2.10 due to improper implementation of a chroot jail in common.c's compose_abspath function that can be abused to read or write to arbitrary files on the filesystem, leak process memory, or potentially lead to remote code execution.

Exploits (1)

exploitdb WORKING POC
by Aaron Esau · text · remote · linux
https://www.exploit-db.com/exploits/51000


Classification: Working PoC 90%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: uftpd 2.7 to 2.10
Auth required
Prerequisites: FTP access to the target system · Anonymous login enabled or valid credentials
devstral-2 · analyzed Feb 16, 2026

References (3)

Core References
Third Party Advisory (x_refsource_misc): https://arinerron.com/blog/posts/6
Exploit, Third Party Advisory, VDB Entry (x_refsource_misc): http://packetstormsecurity.com/files/167908/uftpd-2.10-Directory-Traversal.html

Scores

CVSS v3 9.8
EPSS 0.2525
EPSS Percentile 97.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE CWE-22
Status published
Products (1) troglobit/uftpd 2.7 - 2.10
Published Dec 18, 2020
Tracked Since Feb 18, 2026