CVE-2014-1843
Severity CVSS v4.0:
Pending analysis
Type:
CWE-22
Path Traversal
Publication date:
29/04/2014
Last modified:
12/04/2025
Description
Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to obtain the property information of an arbitrary home folder via a Properties action with a .. (dot dot) in the src parameter.
Impact
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:southrivertech:titan_ftp_server:*:*:*:*:*:*:*:* | 10.40 (including) | |
| cpe:2.3:a:southrivertech:titan_ftp_server:10.0.1733:*:*:*:*:*:*:* | ||
| cpe:2.3:a:southrivertech:titan_ftp_server:10.01.1740:*:*:*:*:*:*:* | ||
| cpe:2.3:a:southrivertech:titan_ftp_server:10.30:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0092.html
- http://www.exploit-db.com/exploits/31579
- http://www.osvdb.org/103197
- http://www.securityfocus.com/bid/65469
- http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0092.html
- http://www.exploit-db.com/exploits/31579
- http://www.osvdb.org/103197
- http://www.securityfocus.com/bid/65469