CVE-2022-44215

MEDIUM

Titan FTP Server <19.0 - Open Redirect

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-44215. PoCs published by JBalanza.

AI-analyzed exploit summary The repository describes an open redirection vulnerability (CVE-2022-44215) in Titan FTP server versions 19.X and prior, where unsanitized backslashes in URLs lead to arbitrary redirections. It includes testing methods and potential attack scenarios but lacks executable exploit code.

Description

There is an open redirect vulnerability in Titan FTP server 19.0 and below. Users are redirected to any target URL.

Exploits (1)

nomisec WRITEUP 1 stars

by JBalanza · poc

https://github.com/JBalanza/CVE-2022-44215

View Code ZIP pw:eip

The repository describes an open redirection vulnerability (CVE-2022-44215) in Titan FTP server versions 19.X and prior, where unsanitized backslashes in URLs lead to arbitrary redirections. It includes testing methods and potential attack scenarios but lacks executable exploit code.

Classification

Writeup 90%

Attack Type

Other

Complexity

Trivial

Reliability

Reliable

Target: Titan FTP server 19.X and prior

No auth needed

Prerequisites: Access to a vulnerable Titan FTP server instance · Ability to craft URLs with backslashes

MITRE ATT&CK

T1505 - Server Software Component T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Broken Link

https://drive.google.com/file/d/1oLJaqs5RRNQLT1Hyy-tgEzzhGLB0506J/view?usp=sharing

Exploit, Third Party Advisory

https://github.com/JBalanza/CVE-2022-44215

Scores

CVSS v3 6.1

EPSS 0.0075

EPSS Percentile 50.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-601

Status published

Products (1)

southrivertech/titan_ftp_server < 19.0

Published Aug 22, 2023

Tracked Since Feb 18, 2026