Back to search
CVE-2019-10009
Published: Jun 3, 2019
Modified: Aug 4, 2024
PUBLISHED
Description
A Directory Traversal issue was discovered in the Web GUI in Titan FTP Server 2019 Build 3505. When an authenticated user attempts to preview an uploaded file (through PreviewHandler.ashx) by using a \..\..\ technique, arbitrary files can be loaded in the server response outside the root directory.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20190326 CVE-2019-10009 Titan FTP Server Version 2019 Build 3505 Directory Traversal/Local File Inclusion
mailing-list
x_refsource_FULLDISC
46611
exploit
x_refsource_EXPLOIT-DB
https://seclists.org/fulldisclosure/2019/Mar/47
x_refsource_MISC
46611
exploit
x_refsource_EXPLOIT-DB
http://www.southrivertech.com/software/regsoft/titanftp/v19/verhist_en.html
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now