Southrivertech

Titan Ftp Server

10 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.9

CVE-2023-45690

Exploit
  • EPSS 0.24%
  • Veröffentlicht 16.10.2023 17:15:10
  • Zuletzt bearbeitet 21.11.2024 08:27:13

Default file permissions on South River Technologies' Titan MFT and Titan SFTP servers on Linux allows a user that's authentication to the OS to read sensitive files on the filesystem

6.1

CVE-2022-44215

Exploit
  • EPSS 1.47%
  • Veröffentlicht 22.08.2023 19:16:29
  • Zuletzt bearbeitet 21.11.2024 07:27:45

There is an open redirect vulnerability in Titan FTP server 19.0 and below. Users are redirected to any target URL.

8.8

CVE-2023-22629

Exploit
  • EPSS 79.02%
  • Veröffentlicht 14.02.2023 20:15:16
  • Zuletzt bearbeitet 20.03.2025 21:15:17

An issue was discovered in TitanFTP through 1.94.1205. The move-file function has a path traversal vulnerability in the newPath parameter. An authenticated attacker can upload any file and then move it anywhere on the server's filesystem.

6.5

CVE-2019-10009

Exploit
  • EPSS 6.28%
  • Veröffentlicht 03.06.2019 21:29:00
  • Zuletzt bearbeitet 21.11.2024 04:18:12

A Directory Traversal issue was discovered in the Web GUI in Titan FTP Server 2019 Build 3505. When an authenticated user attempts to preview an uploaded file (through PreviewHandler.ashx) by using a \..\..\ technique, arbitrary files can be loaded i...

5

CVE-2014-1841

  • EPSS 5.1%
  • Veröffentlicht 29.04.2014 10:37:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to copy an arbitrary user's home folder via a Move action with a .. (dot dot) in the src parameter.

5

CVE-2014-1842

Exploit
  • EPSS 4.43%
  • Veröffentlicht 29.04.2014 10:37:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to list all usernames via a Go action with a .. (dot dot) in the search-bar value.

5

CVE-2014-1843

Exploit
  • EPSS 4.82%
  • Veröffentlicht 29.04.2014 10:37:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to obtain the property information of an arbitrary home folder via a Properties action with a .. (dot dot) in the src parameter...

6.5

CVE-2010-2425

  • EPSS 0.53%
  • Veröffentlicht 24.06.2010 12:17:45
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read or delete arbitrary files via "..//" sequences in a COMB command.

4

CVE-2010-2426

Exploit
  • EPSS 30.24%
  • Veröffentlicht 24.06.2010 12:17:45
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read arbitrary files, determine file size, via "..//" sequences in the xcrc com...

5

CVE-2008-6082

Exploit
  • EPSS 61.6%
  • Veröffentlicht 06.02.2009 11:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Titan FTP Server 6.26 build 630 allows remote attackers to cause a denial of service (CPU consumption) via the SITE WHO command.