CVE-2019-10009

A Directory Traversal issue was discovered in the Web GUI in Titan FTP Server 2019 Build 3505. When an authenticated user attempts to preview an uploaded file (through PreviewHandler.ashx) by using a \..\..\ technique, arbitrary files can be loaded in the server response outside the root directory.
Configurations

Configuration 1 (hide)

cpe:2.3:a:southrivertech:titan_ftp_server:2019:3505:*:*:*:*:*:*

History

No history.

Information

Published : 2019-06-03 21:29

Updated : 2024-02-28 17:08


NVD link : CVE-2019-10009

Mitre link : CVE-2019-10009

CVE.ORG link : CVE-2019-10009


JSON object : View

Products Affected

southrivertech

  • titan_ftp_server
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')