In WFTPD 3.25, usernames and password hashes are stored in an openly viewable wftpd.ini configuration file within the WFTPD directory. NOTE: this is a product from 2006.
References
Link | Resource |
---|---|
https://packetstormsecurity.com/files/172560/WFTPD-3.25-Credential-Disclosure.html | Third Party Advisory VDB Entry |
Configurations
History
01 Jun 2023, 17:43
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-522 | |
CPE | cpe:2.3:a:wftpd_project:wftpd:3.25:*:*:*:*:*:*:* | |
First Time |
Wftpd Project
Wftpd Project wftpd |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
References | (MISC) https://packetstormsecurity.com/files/172560/WFTPD-3.25-Credential-Disclosure.html - Third Party Advisory, VDB Entry |
Information
Published : 2023-05-25 20:15
Updated : 2024-02-28 20:13
NVD link : CVE-2023-33263
Mitre link : CVE-2023-33263
CVE.ORG link : CVE-2023-33263
JSON object : View
Products Affected
wftpd_project
- wftpd
CWE
CWE-522
Insufficiently Protected Credentials