Search criteria
30 vulnerabilities found for titan_ftp_server by southrivertech
FKIE_CVE-2023-45690
Vulnerability from fkie_nvd - Published: 2023-10-16 17:15 - Updated: 2024-11-21 08:27
Severity ?
Summary
Default file permissions on South River Technologies' Titan MFT and Titan SFTP servers on Linux allows a user that's authentication to the OS to read sensitive files on the filesystem
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| southrivertech | titan_ftp_server | * | |
| southrivertech | titan_mft_server | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6789AE7E-5499-4F33-954F-B051EF52C213",
"versionEndIncluding": "2.0.16.2277",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:southrivertech:titan_mft_server:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "6F4EB0AE-8C4A-4FF6-AE00-D87C9719C6D7",
"versionEndExcluding": "2.0.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Default file permissions on South River Technologies\u0027 Titan MFT and Titan SFTP servers on Linux allows a user that\u0027s authentication to the OS to read sensitive files on the filesystem"
},
{
"lang": "es",
"value": "Los permisos de archivos predeterminados en los servidores Titan MFT y Titan SFTP de South River Technologies en Linux permiten que un usuario que se autentica en el sistema operativo lea archivos confidenciales en el sistema de archivos."
}
],
"id": "CVE-2023-45690",
"lastModified": "2024-11-21T08:27:13.870",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-16T17:15:10.310",
"references": [
{
"source": "cve@rapid7.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpdesk.southrivertech.com/portal/en/kb/articles/security-patch-for-issues-cve-2023-45685-through-cve-2023-45690"
},
{
"source": "cve@rapid7.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.rapid7.com/blog/post/2023/10/16/multiple-vulnerabilities-in-south-river-technologies-titan-mft-and-titan-sftp-fixed/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpdesk.southrivertech.com/portal/en/kb/articles/security-patch-for-issues-cve-2023-45685-through-cve-2023-45690"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.rapid7.com/blog/post/2023/10/16/multiple-vulnerabilities-in-south-river-technologies-titan-mft-and-titan-sftp-fixed/"
}
],
"sourceIdentifier": "cve@rapid7.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-276"
}
],
"source": "cve@rapid7.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-276"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-44215
Vulnerability from fkie_nvd - Published: 2023-08-22 19:16 - Updated: 2024-11-21 07:27
Severity ?
Summary
There is an open redirect vulnerability in Titan FTP server 19.0 and below. Users are redirected to any target URL.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://drive.google.com/file/d/1oLJaqs5RRNQLT1Hyy-tgEzzhGLB0506J/view?usp=sharing | Broken Link | |
| cve@mitre.org | https://github.com/JBalanza/CVE-2022-44215 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://drive.google.com/file/d/1oLJaqs5RRNQLT1Hyy-tgEzzhGLB0506J/view?usp=sharing | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/JBalanza/CVE-2022-44215 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| southrivertech | titan_ftp_server | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "95740E8D-D52A-4ADF-822A-AC2E60ACB02A",
"versionEndIncluding": "19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an open redirect vulnerability in Titan FTP server 19.0 and below. Users are redirected to any target URL."
},
{
"lang": "es",
"value": "Hay una vulnerabilidad de redirecci\u00f3n abierta en las versiones 19.0 e inferiores del servidor Titan FTP. Los usuarios son redirigidos a cualquier URL de destino."
}
],
"id": "CVE-2022-44215",
"lastModified": "2024-11-21T07:27:45.680",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-08-22T19:16:29.777",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://drive.google.com/file/d/1oLJaqs5RRNQLT1Hyy-tgEzzhGLB0506J/view?usp=sharing"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/JBalanza/CVE-2022-44215"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://drive.google.com/file/d/1oLJaqs5RRNQLT1Hyy-tgEzzhGLB0506J/view?usp=sharing"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/JBalanza/CVE-2022-44215"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-601"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-22629
Vulnerability from fkie_nvd - Published: 2023-02-14 20:15 - Updated: 2025-03-20 21:15
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
An issue was discovered in TitanFTP through 1.94.1205. The move-file function has a path traversal vulnerability in the newPath parameter. An authenticated attacker can upload any file and then move it anywhere on the server's filesystem.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| southrivertech | titan_ftp_server | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13DC6D97-D3C0-4DBC-9BB5-349375E50E7F",
"versionEndIncluding": "1.94.1205",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in TitanFTP through 1.94.1205. The move-file function has a path traversal vulnerability in the newPath parameter. An authenticated attacker can upload any file and then move it anywhere on the server\u0027s filesystem."
}
],
"id": "CVE-2023-22629",
"lastModified": "2025-03-20T21:15:17.687",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-02-14T20:15:16.767",
"references": [
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/171737/Titan-FTP-Path-Traversal.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://f20.be/cves/titan-ftp-vulnerabilities"
},
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://titanftp.com"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "https://www.southrivertech.com/software/nextgen/titanftp/en/relnotes.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/171737/Titan-FTP-Path-Traversal.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://f20.be/cves/titan-ftp-vulnerabilities"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://titanftp.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://www.southrivertech.com/software/nextgen/titanftp/en/relnotes.pdf"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2019-10009
Vulnerability from fkie_nvd - Published: 2019-06-03 21:29 - Updated: 2024-11-21 04:18
Severity ?
Summary
A Directory Traversal issue was discovered in the Web GUI in Titan FTP Server 2019 Build 3505. When an authenticated user attempts to preview an uploaded file (through PreviewHandler.ashx) by using a \..\..\ technique, arbitrary files can be loaded in the server response outside the root directory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| southrivertech | titan_ftp_server | 2019 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:2019:3505:*:*:*:*:*:*",
"matchCriteriaId": "926A03A3-BD6F-4D2F-9018-437F5171EA83",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Directory Traversal issue was discovered in the Web GUI in Titan FTP Server 2019 Build 3505. When an authenticated user attempts to preview an uploaded file (through PreviewHandler.ashx) by using a \\..\\..\\ technique, arbitrary files can be loaded in the server response outside the root directory."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema de Recorrido de directorios en la GUI web en el servidor FTP 2019 Build 3505 de Titan. Cuando un usuario identificado intenta obtener una vista previa de un archivo cargado (a trav\u00e9s de PreviewHandler.ashx) utilizando una t\u00e9cnica \\ .. \\ .. \\, los archivos arbitrarios pueden ser cargado en la respuesta del servidor fuera del directorio ra\u00edz."
}
],
"id": "CVE-2019-10009",
"lastModified": "2024-11-21T04:18:12.430",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-06-03T21:29:00.350",
"references": [
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/152244/Titan-FTP-Server-2019-Build-3505-Directory-Traversal.html"
},
{
"source": "cve@mitre.org",
"url": "http://seclists.org/fulldisclosure/2019/Mar/47"
},
{
"source": "cve@mitre.org",
"url": "http://www.southrivertech.com/software/regsoft/titanftp/v19/verhist_en.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/fulldisclosure/2019/Mar/47"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/46611"
},
{
"source": "cve@mitre.org",
"url": "https://www.exploit-db.com/exploits/46611/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/152244/Titan-FTP-Server-2019-Build-3505-Directory-Traversal.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2019/Mar/47"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.southrivertech.com/software/regsoft/titanftp/v19/verhist_en.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/fulldisclosure/2019/Mar/47"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/46611"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/46611/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2014-1842
Vulnerability from fkie_nvd - Published: 2014-04-29 10:37 - Updated: 2025-04-12 10:46
Severity ?
Summary
Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to list all usernames via a Go action with a .. (dot dot) in the search-bar value.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| southrivertech | titan_ftp_server | * | |
| southrivertech | titan_ftp_server | 10.0.1733 | |
| southrivertech | titan_ftp_server | 10.01.1740 | |
| southrivertech | titan_ftp_server | 10.30 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "616CA981-B96B-447F-B55A-75182A0ADDB9",
"versionEndIncluding": "10.40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:10.0.1733:*:*:*:*:*:*:*",
"matchCriteriaId": "0A4F7870-2207-4F14-8BFF-E7B18D7C016F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:10.01.1740:*:*:*:*:*:*:*",
"matchCriteriaId": "C505A088-0DCC-4E91-8266-EB55BF42E7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:10.30:*:*:*:*:*:*:*",
"matchCriteriaId": "ACA0F371-003E-447F-B3DB-951EA39091B7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to list all usernames via a Go action with a .. (dot dot) in the search-bar value."
},
{
"lang": "es",
"value": "Vulnerabilidad de salto de directorio en la interfaz web en Titan FTP Server anterior a 10.40 build 1829 permite a atacantes remotos listar todos los nombres de usuarios a trav\u00e9s de una acci\u00f3n Go con un .. (punto punto) en el valor de barra de b\u00fasqueda."
}
],
"id": "CVE-2014-1842",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-04-29T10:37:03.780",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0092.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/31579"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/103196"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0092.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/31579"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/103196"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2014-1841
Vulnerability from fkie_nvd - Published: 2014-04-29 10:37 - Updated: 2025-04-12 10:46
Severity ?
Summary
Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to copy an arbitrary user's home folder via a Move action with a .. (dot dot) in the src parameter.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| southrivertech | titan_ftp_server | * | |
| southrivertech | titan_ftp_server | 10.0.1733 | |
| southrivertech | titan_ftp_server | 10.01.1740 | |
| southrivertech | titan_ftp_server | 10.30 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "616CA981-B96B-447F-B55A-75182A0ADDB9",
"versionEndIncluding": "10.40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:10.0.1733:*:*:*:*:*:*:*",
"matchCriteriaId": "0A4F7870-2207-4F14-8BFF-E7B18D7C016F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:10.01.1740:*:*:*:*:*:*:*",
"matchCriteriaId": "C505A088-0DCC-4E91-8266-EB55BF42E7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:10.30:*:*:*:*:*:*:*",
"matchCriteriaId": "ACA0F371-003E-447F-B3DB-951EA39091B7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to copy an arbitrary user\u0027s home folder via a Move action with a .. (dot dot) in the src parameter."
},
{
"lang": "es",
"value": "Vulnerabilidad de salto de directorio en la interfaz web en Titan FTP Server anterior a 10.40 build 1829 permite a atacantes remotos copiar una carpeta home de usuario arbitraria a trav\u00e9s de una acci\u00f3n Move con un .. (punto punto) en el par\u00e1metro src."
}
],
"id": "CVE-2014-1841",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-04-29T10:37:03.763",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0092.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.exploit-db.com/exploits/31579"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/103195"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/65462"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0092.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.exploit-db.com/exploits/31579"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/103195"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/65462"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2014-1843
Vulnerability from fkie_nvd - Published: 2014-04-29 10:37 - Updated: 2025-04-12 10:46
Severity ?
Summary
Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to obtain the property information of an arbitrary home folder via a Properties action with a .. (dot dot) in the src parameter.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| southrivertech | titan_ftp_server | * | |
| southrivertech | titan_ftp_server | 10.0.1733 | |
| southrivertech | titan_ftp_server | 10.01.1740 | |
| southrivertech | titan_ftp_server | 10.30 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "616CA981-B96B-447F-B55A-75182A0ADDB9",
"versionEndIncluding": "10.40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:10.0.1733:*:*:*:*:*:*:*",
"matchCriteriaId": "0A4F7870-2207-4F14-8BFF-E7B18D7C016F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:10.01.1740:*:*:*:*:*:*:*",
"matchCriteriaId": "C505A088-0DCC-4E91-8266-EB55BF42E7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:10.30:*:*:*:*:*:*:*",
"matchCriteriaId": "ACA0F371-003E-447F-B3DB-951EA39091B7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to obtain the property information of an arbitrary home folder via a Properties action with a .. (dot dot) in the src parameter."
},
{
"lang": "es",
"value": "Vulnerabilidad de salto de directorio en la interfaz web en Titan FTP Server anterior a 10.40 build 1829 permite a atacantes remotos obtener la informaci\u00f3n de propiedad de una carpeta home arbitraria a trav\u00e9s de una acci\u00f3n Properties con un .. (punto punto) en el par\u00e1metro src."
}
],
"id": "CVE-2014-1843",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-04-29T10:37:03.810",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0092.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/31579"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/103197"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/65469"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0092.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/31579"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/103197"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/65469"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2010-2426
Vulnerability from fkie_nvd - Published: 2010-06-24 12:17 - Updated: 2025-04-11 00:51
Severity ?
Summary
Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read arbitrary files, determine file size, via "..//" sequences in the xcrc command.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "61039826-0057-40BF-8F02-C37EA0DA7979",
"versionEndIncluding": "8.10.1125",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:1.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "4F1960AB-2FC9-4103-9EF0-C04101E0306F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:1.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "12279FA7-288E-4CED-AD2E-00C029678B99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:1.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "98258371-4CAE-4D5B-B117-0BECBD910422",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:1.0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "23FCFE36-8E20-47D2-BBE7-BF3F0B97CEA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:1.0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "3B8D56DE-57B9-4335-AA8E-CFF30AB6E030",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:1.0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "31D1ECAE-0AD5-4B4E-A624-CC3E03A51EF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:1.0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "B7EDBF6E-BDF1-41D1-87FF-287171BE54A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:1.0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "A7612F70-CE0D-4BA3-A8A2-67A3D772C487",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:1.0.25:*:*:*:*:*:*:*",
"matchCriteriaId": "4E971345-2B55-444E-AC41-432A0C8A2E08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:1.0.26:*:*:*:*:*:*:*",
"matchCriteriaId": "FF707E79-F974-403A-B01D-EC46D0A7B229",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:1.0.27:*:*:*:*:*:*:*",
"matchCriteriaId": "B3F903B4-5A9E-439F-94AC-B02B69E856AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:1.0.28:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD94D00-8831-4932-8E81-B927F7E924D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:1.0.29:*:*:*:*:*:*:*",
"matchCriteriaId": "21367D7B-3D6A-4921-AB00-1DA87404E27E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:1.0.30:*:*:*:*:*:*:*",
"matchCriteriaId": "CA14F899-F8D7-45E1-8B51-4FE843EE0FA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:1.0.31:*:*:*:*:*:*:*",
"matchCriteriaId": "06552CFC-10A7-435E-8468-54D4B2706E87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:1.1.33:*:*:*:*:*:*:*",
"matchCriteriaId": "A1A7535B-3254-43DE-970B-09558DD48C07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:1.11.34:*:*:*:*:*:*:*",
"matchCriteriaId": "D40C972B-A937-45F4-9564-74D02741FF6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:2.0.44:beta:*:*:*:*:*:*",
"matchCriteriaId": "BA92AF6F-8098-4FF3-998D-D60F4F3AC1FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:2.00.95:*:*:*:*:*:*:*",
"matchCriteriaId": "9674DC36-D9EA-4A2B-98F9-95C5B988D626",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:2.01.96:*:*:*:*:*:*:*",
"matchCriteriaId": "BC729747-026A-48E2-A757-E163F9365920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:2.02.99:*:*:*:*:*:*:*",
"matchCriteriaId": "B89752F2-1C9E-40B8-8979-A62E95F57E93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:2.10.119:*:*:*:*:*:*:*",
"matchCriteriaId": "1AC5D253-D10D-4CBE-9860-A03E588FFE86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:2.10.120:*:*:*:*:*:*:*",
"matchCriteriaId": "6F87BBFD-CA31-4A3F-BDE3-34EF541854E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:2.10.121:*:*:*:*:*:*:*",
"matchCriteriaId": "C36112B3-AAF4-4436-820A-0A0E122F710E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:2.11.132:*:*:*:*:*:*:*",
"matchCriteriaId": "A42ECC42-A1DC-4081-9A7B-348A50E59964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:2.20.140:*:*:*:*:*:*:*",
"matchCriteriaId": "62B3F7A8-88CA-488B-BE10-D1EC135D3493",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:2.21.142:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FD7266-EAD4-4513-A4B7-46E7E3409062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:2.30.151:*:*:*:*:*:*:*",
"matchCriteriaId": "6643C492-E63C-4D31-81D8-4B563635B38A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:2.31.152:*:*:*:*:*:*:*",
"matchCriteriaId": "543F3954-CBB0-4F33-B952-DEB1FA0923D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:2.40.155:*:*:*:*:*:*:*",
"matchCriteriaId": "15353BD2-859B-4A64-A74B-49DBD5DEE8A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:3.00.162:*:*:*:*:*:*:*",
"matchCriteriaId": "E3D406A8-E397-4E59-9220-ED8162663202",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:3.01.163:*:*:*:*:*:*:*",
"matchCriteriaId": "D38D0BF5-4D7B-494F-9100-D3812CB91149",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:3.02.165:*:*:*:*:*:*:*",
"matchCriteriaId": "15CE8B1E-93E5-42BD-8D67-6D3E7381ED7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:3.10.169:*:*:*:*:*:*:*",
"matchCriteriaId": "A22F74A0-6801-4B17-B1FB-CF282D60219E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:3.12.172:*:*:*:*:*:*:*",
"matchCriteriaId": "DB4A6DC9-83AE-4CBE-A46F-C16BD1716E98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:3.20.175:*:*:*:*:*:*:*",
"matchCriteriaId": "AB789F4A-43FF-4850-B5E3-7A9125CAFC17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:3.21.177:*:*:*:*:*:*:*",
"matchCriteriaId": "2BCA7E99-0F06-4893-B19B-47791CC7EE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:3.22.178:*:*:*:*:*:*:*",
"matchCriteriaId": "CE30EC61-9443-4918-99BE-BCF5ED3D2EA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:3.30.186:*:*:*:*:*:*:*",
"matchCriteriaId": "D166EA83-0FB6-4310-A3C9-1E9F4A901454",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:4.00.245:*:*:*:*:*:*:*",
"matchCriteriaId": "A0CAE88B-771E-4255-B579-48B891100BFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:4.01.246:*:*:*:*:*:*:*",
"matchCriteriaId": "7C58DAA2-EE67-4030-BBE5-138D5B1E43B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:4.02.248:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2DD3A6-36AB-4D2A-A490-EA47BFDC219A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:4.03.249:*:*:*:*:*:*:*",
"matchCriteriaId": "04756FB8-990A-4839-956E-3965C7C40CD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:4.05.252:*:*:*:*:*:*:*",
"matchCriteriaId": "248268EB-7BEE-4C50-B175-4107379C215D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:4.10.256:*:*:*:*:*:*:*",
"matchCriteriaId": "5CF062A5-896D-4C6B-853F-D86CABFD1EE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:4.11.257:*:*:*:*:*:*:*",
"matchCriteriaId": "7B5949B9-8A9D-486E-9AEF-4DBFDF740CA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:4.13.260:*:*:*:*:*:*:*",
"matchCriteriaId": "1AB1E6C5-045C-4B40-9DC2-D6BAB8820127",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:4.14.261:*:*:*:*:*:*:*",
"matchCriteriaId": "30558753-22EE-46E1-800E-22CA07A6B05C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:4.20.263:*:*:*:*:*:*:*",
"matchCriteriaId": "E961C1A7-AF9A-4660-8405-3D5A64F3B533",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:4.21.264:*:*:*:*:*:*:*",
"matchCriteriaId": "D1070D8A-2D03-43D4-B372-D5E14F2D4B02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:4.22.265:*:*:*:*:*:*:*",
"matchCriteriaId": "D5ACAFBB-FD29-43AC-BCC5-5A52BFF77B26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:4.23.266:*:*:*:*:*:*:*",
"matchCriteriaId": "DADDF370-C0EA-4B4D-AAE2-A692876D0D66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:4.30.269:*:*:*:*:*:*:*",
"matchCriteriaId": "632CAD3F-A178-4391-A66B-242B644D61DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:4.31.272:*:*:*:*:*:*:*",
"matchCriteriaId": "28B8F3F5-E9B2-46BF-897D-5C731D434A23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.00.303:*:*:*:*:*:*:*",
"matchCriteriaId": "B7867536-1E2B-4823-9B96-2E95C12C6D1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.01.306:*:*:*:*:*:*:*",
"matchCriteriaId": "6591BEBD-2585-4E26-AE0D-87677F705345",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.02.307:*:*:*:*:*:*:*",
"matchCriteriaId": "0C808239-0C8D-4A61-9279-7B87490AF3C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.03.308:*:*:*:*:*:*:*",
"matchCriteriaId": "97866525-1847-493B-AB6F-C81BBFA63240",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.03.309:*:*:*:*:*:*:*",
"matchCriteriaId": "DC424CF1-E958-49DE-8EDA-1B95BE162375",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.03.310:*:*:*:*:*:*:*",
"matchCriteriaId": "D609A391-3FD0-4C55-B6B1-FB90BFB50516",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.04.311:*:*:*:*:*:*:*",
"matchCriteriaId": "022B5D4A-477A-4037-993F-59D52634E160",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.04.312:*:*:*:*:*:*:*",
"matchCriteriaId": "010C2855-0A91-4321-80E7-1006D7596A2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.04.313:*:*:*:*:*:*:*",
"matchCriteriaId": "82DF1B96-5794-4964-87A6-A75F233C972B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.04.314:*:*:*:*:*:*:*",
"matchCriteriaId": "BF24D89C-886B-4F41-9EB3-C3CEB320E514",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.04.315:*:*:*:*:*:*:*",
"matchCriteriaId": "061A2F4B-40A4-42A2-B7AA-6EA57C809154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.05.316:*:*:*:*:*:*:*",
"matchCriteriaId": "2AD19182-0322-4909-AEEA-824613843582",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.05.317:*:*:*:*:*:*:*",
"matchCriteriaId": "984E4A46-2136-4FA1-B328-CA9645A195EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.05.318:*:*:*:*:*:*:*",
"matchCriteriaId": "02A5FFD7-0ED6-46F3-B643-C0F9DCF0103A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.05.319:*:*:*:*:*:*:*",
"matchCriteriaId": "415CFF11-496C-45FD-AE7E-C9DCD99D03CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.05.320:*:*:*:*:*:*:*",
"matchCriteriaId": "583783D1-66BB-47B7-B42C-6AA42B40E715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.05.321:*:*:*:*:*:*:*",
"matchCriteriaId": "F2F3317A-F670-4D54-A865-7E109CF458F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.05.322:*:*:*:*:*:*:*",
"matchCriteriaId": "874BABE9-0050-42DF-94D8-A7363A56F043",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.05.323:*:*:*:*:*:*:*",
"matchCriteriaId": "ABBAE358-F701-4411-975F-D1FDB9B50E72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.05.324:*:*:*:*:*:*:*",
"matchCriteriaId": "682F0251-73E7-4A2D-B0AA-1C14082759BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.05.325:*:*:*:*:*:*:*",
"matchCriteriaId": "C00D9441-05EC-4EC5-A283-204B6CCDC97C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.05.326:*:*:*:*:*:*:*",
"matchCriteriaId": "832F0A39-D4EC-4E49-AA05-778D36EC1352",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.05.327:*:*:*:*:*:*:*",
"matchCriteriaId": "132E01C8-F39B-4586-8A43-70017921213D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.10.328:*:*:*:*:*:*:*",
"matchCriteriaId": "FFAF6A11-9AF4-40A5-96C4-536C40F4D97E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.10.329:*:*:*:*:*:*:*",
"matchCriteriaId": "3F09A5C8-3886-49AA-B34F-90978BD8202C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.11.330:*:*:*:*:*:*:*",
"matchCriteriaId": "74AD32A4-60F2-4D35-99E9-EDC919039B0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.11.331:*:*:*:*:*:*:*",
"matchCriteriaId": "BAEE2E24-9B42-4B53-916A-43CC82893B26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.12.332:*:*:*:*:*:*:*",
"matchCriteriaId": "DC2F7546-3FFB-42B4-8A29-D97867F03DFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.12.333:*:*:*:*:*:*:*",
"matchCriteriaId": "6BEA6ACB-C1BE-4C58-B707-2D8F6F842130",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.12.334:*:*:*:*:*:*:*",
"matchCriteriaId": "0953B912-E560-43DC-8994-C39F21706700",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.12.335:*:*:*:*:*:*:*",
"matchCriteriaId": "7F27CD13-DEAE-4F87-8288-C16F4BF8FA78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.12.336:*:*:*:*:*:*:*",
"matchCriteriaId": "A31239C4-E154-4429-B49F-F2A649F8AE38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.20.342:*:*:*:*:*:*:*",
"matchCriteriaId": "D6C2983D-AB3C-45C1-AFA7-FDA3425026C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.21.347:*:*:*:*:*:*:*",
"matchCriteriaId": "48D0471F-FB59-4078-8EDA-41A49932475A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.22.350:*:*:*:*:*:*:*",
"matchCriteriaId": "11B62506-3E75-457B-B193-4B0F99037B38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.23.351:*:*:*:*:*:*:*",
"matchCriteriaId": "C6BA2B3A-FD78-4024-A067-C77BFA026FD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.24.352:*:*:*:*:*:*:*",
"matchCriteriaId": "A90B308C-2D6C-403E-B582-570D201A9879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.25.356:*:*:*:*:*:*:*",
"matchCriteriaId": "B9E4DB4F-E319-4984-975F-5EA25FFACBCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.26.361:*:*:*:*:*:*:*",
"matchCriteriaId": "F48F0343-87CE-4968-AF61-E3B934D23FA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.27.362:*:*:*:*:*:*:*",
"matchCriteriaId": "153652C4-8E08-46B4-9B6F-4D121312EE54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.30.367:*:*:*:*:*:*:*",
"matchCriteriaId": "A5F59DF3-80B9-4872-B68B-0836896A8226",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.31.373:*:*:*:*:*:*:*",
"matchCriteriaId": "9A3339CB-70FC-4B79-BEE8-4FC12C404954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.32.376:*:*:*:*:*:*:*",
"matchCriteriaId": "667E8442-6358-4322-906B-903F1D7CD886",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.33.380:*:*:*:*:*:*:*",
"matchCriteriaId": "617CA9F2-35A1-4754-8AE6-45B37CC225C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.33.381:*:*:*:*:*:*:*",
"matchCriteriaId": "3E14CEA9-6757-4ACF-8CE6-9B8A9C879CAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.35.385:*:*:*:*:*:*:*",
"matchCriteriaId": "CD4AF845-55DC-4681-BD7E-5B171EF8450E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.36.386:*:*:*:*:*:*:*",
"matchCriteriaId": "9D4D21CF-6981-46E3-8130-4124259409E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.37.387:*:*:*:*:*:*:*",
"matchCriteriaId": "5C3B6D9B-9F8F-4B8A-BD75-01BE0E1A9541",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.38.388:*:*:*:*:*:*:*",
"matchCriteriaId": "C3E3B7FC-E505-47C6-B510-02E67747E9ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.39.389:*:*:*:*:*:*:*",
"matchCriteriaId": "964E3418-D7A0-4FA5-8249-049103DBC687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:6.00.492:*:*:*:*:*:*:*",
"matchCriteriaId": "682C5EB2-2C3A-4371-AD1D-082685D15B01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:6.01.512:*:*:*:*:*:*:*",
"matchCriteriaId": "D3388C2B-233F-4307-8B34-7B0F241487D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:6.03.537:*:*:*:*:*:*:*",
"matchCriteriaId": "141D1541-354A-4386-BEA1-FE57B2FA0913",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:6.04.545:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB795F-F39B-439B-AFDC-917EE775135B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:6.05.550:*:*:*:*:*:*:*",
"matchCriteriaId": "7FC13470-2F33-44E7-A615-EE73502472CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:6.06.555:*:*:*:*:*:*:*",
"matchCriteriaId": "52A03137-A56B-400C-8E59-F3DC48E5FC2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:6.10.560:*:*:*:*:*:*:*",
"matchCriteriaId": "AF5DEEE9-6FFE-46AD-80DE-C40F7C7130B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:6.20.587:*:*:*:*:*:*:*",
"matchCriteriaId": "885C82A5-5193-4ADD-8302-D244B7E7B597",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:6.21.596:*:*:*:*:*:*:*",
"matchCriteriaId": "6875C466-0908-485D-89D4-347517C18EE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:6.23.616:*:*:*:*:*:*:*",
"matchCriteriaId": "ED4A5FE9-D5E1-4C9A-A63B-1ED342AB73E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:6.24.621:*:*:*:*:*:*:*",
"matchCriteriaId": "F6606E4C-19AA-4740-A10F-949FB073BE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:6.25.622:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE6EFC3-7178-44FC-809A-9B92DB664181",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:6.26.630:*:*:*:*:*:*:*",
"matchCriteriaId": "219717BD-DA85-444E-A6FC-227295987306",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:7.00:*:*:*:*:*:*:*",
"matchCriteriaId": "0C669B1E-663D-40CE-A14D-C1025A282C30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:7.01:*:*:*:*:*:*:*",
"matchCriteriaId": "5ABE51D2-CABB-42E5-AD8C-9243367B7AD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:7.02:*:*:*:*:*:*:*",
"matchCriteriaId": "318E4232-E26E-4CB8-8E0B-B6B8B6F242F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "CC102142-655E-4C42-A88B-C8F03F5ED0D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:7.12:*:*:*:*:*:*:*",
"matchCriteriaId": "C6F3432E-B2A2-48FC-86A2-246EE2C4E8C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:8.00:*:*:*:*:*:*:*",
"matchCriteriaId": "611D684E-35C8-492D-9B0D-9B2D3A93B1E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:8.01:*:*:*:*:*:*:*",
"matchCriteriaId": "24DF992E-56F0-4A4B-9E93-77C9EC67D452",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:8.10:*:*:*:*:*:*:*",
"matchCriteriaId": "613AB39B-673E-42A2-9A44-6027A61CFD02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read arbitrary files, determine file size, via \"..//\" sequences in the xcrc command."
},
{
"lang": "es",
"value": "Vulnerabilidad de salto de directorio en TitanFTPd en South River Technologies Titan FTP Server v8.10.1125, y probablemente versiones anteriores, permite a usuarios autentificados remotamente leer ficheros de su elecci\u00f3n, tama\u00f1o de fichero determinado, a trav\u00e9s de la secuencia \"..//\" en el comando xcrc. \r\n"
}
],
"id": "CVE-2010-2426",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-06-24T12:17:45.170",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/65533"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40237"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/511839/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/40949"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59492"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/65533"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40237"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/511839/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/40949"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59492"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2010-2425
Vulnerability from fkie_nvd - Published: 2010-06-24 12:17 - Updated: 2025-04-11 00:51
Severity ?
Summary
Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read or delete arbitrary files via "..//" sequences in a COMB command.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "61039826-0057-40BF-8F02-C37EA0DA7979",
"versionEndIncluding": "8.10.1125",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:1.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "4F1960AB-2FC9-4103-9EF0-C04101E0306F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:1.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "12279FA7-288E-4CED-AD2E-00C029678B99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:1.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "98258371-4CAE-4D5B-B117-0BECBD910422",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:1.0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "23FCFE36-8E20-47D2-BBE7-BF3F0B97CEA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:1.0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "3B8D56DE-57B9-4335-AA8E-CFF30AB6E030",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:1.0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "31D1ECAE-0AD5-4B4E-A624-CC3E03A51EF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:1.0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "B7EDBF6E-BDF1-41D1-87FF-287171BE54A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:1.0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "A7612F70-CE0D-4BA3-A8A2-67A3D772C487",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:1.0.25:*:*:*:*:*:*:*",
"matchCriteriaId": "4E971345-2B55-444E-AC41-432A0C8A2E08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:1.0.26:*:*:*:*:*:*:*",
"matchCriteriaId": "FF707E79-F974-403A-B01D-EC46D0A7B229",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:1.0.27:*:*:*:*:*:*:*",
"matchCriteriaId": "B3F903B4-5A9E-439F-94AC-B02B69E856AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:1.0.28:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD94D00-8831-4932-8E81-B927F7E924D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:1.0.29:*:*:*:*:*:*:*",
"matchCriteriaId": "21367D7B-3D6A-4921-AB00-1DA87404E27E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:1.0.30:*:*:*:*:*:*:*",
"matchCriteriaId": "CA14F899-F8D7-45E1-8B51-4FE843EE0FA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:1.0.31:*:*:*:*:*:*:*",
"matchCriteriaId": "06552CFC-10A7-435E-8468-54D4B2706E87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:1.1.33:*:*:*:*:*:*:*",
"matchCriteriaId": "A1A7535B-3254-43DE-970B-09558DD48C07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:1.11.34:*:*:*:*:*:*:*",
"matchCriteriaId": "D40C972B-A937-45F4-9564-74D02741FF6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:2.0.44:beta:*:*:*:*:*:*",
"matchCriteriaId": "BA92AF6F-8098-4FF3-998D-D60F4F3AC1FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:2.00.95:*:*:*:*:*:*:*",
"matchCriteriaId": "9674DC36-D9EA-4A2B-98F9-95C5B988D626",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:2.01.96:*:*:*:*:*:*:*",
"matchCriteriaId": "BC729747-026A-48E2-A757-E163F9365920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:2.02.99:*:*:*:*:*:*:*",
"matchCriteriaId": "B89752F2-1C9E-40B8-8979-A62E95F57E93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:2.10.119:*:*:*:*:*:*:*",
"matchCriteriaId": "1AC5D253-D10D-4CBE-9860-A03E588FFE86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:2.10.120:*:*:*:*:*:*:*",
"matchCriteriaId": "6F87BBFD-CA31-4A3F-BDE3-34EF541854E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:2.10.121:*:*:*:*:*:*:*",
"matchCriteriaId": "C36112B3-AAF4-4436-820A-0A0E122F710E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:2.11.132:*:*:*:*:*:*:*",
"matchCriteriaId": "A42ECC42-A1DC-4081-9A7B-348A50E59964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:2.20.140:*:*:*:*:*:*:*",
"matchCriteriaId": "62B3F7A8-88CA-488B-BE10-D1EC135D3493",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:2.21.142:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FD7266-EAD4-4513-A4B7-46E7E3409062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:2.30.151:*:*:*:*:*:*:*",
"matchCriteriaId": "6643C492-E63C-4D31-81D8-4B563635B38A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:2.31.152:*:*:*:*:*:*:*",
"matchCriteriaId": "543F3954-CBB0-4F33-B952-DEB1FA0923D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:2.40.155:*:*:*:*:*:*:*",
"matchCriteriaId": "15353BD2-859B-4A64-A74B-49DBD5DEE8A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:3.00.162:*:*:*:*:*:*:*",
"matchCriteriaId": "E3D406A8-E397-4E59-9220-ED8162663202",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:3.01.163:*:*:*:*:*:*:*",
"matchCriteriaId": "D38D0BF5-4D7B-494F-9100-D3812CB91149",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:3.02.165:*:*:*:*:*:*:*",
"matchCriteriaId": "15CE8B1E-93E5-42BD-8D67-6D3E7381ED7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:3.10.169:*:*:*:*:*:*:*",
"matchCriteriaId": "A22F74A0-6801-4B17-B1FB-CF282D60219E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:3.12.172:*:*:*:*:*:*:*",
"matchCriteriaId": "DB4A6DC9-83AE-4CBE-A46F-C16BD1716E98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:3.20.175:*:*:*:*:*:*:*",
"matchCriteriaId": "AB789F4A-43FF-4850-B5E3-7A9125CAFC17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:3.21.177:*:*:*:*:*:*:*",
"matchCriteriaId": "2BCA7E99-0F06-4893-B19B-47791CC7EE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:3.22.178:*:*:*:*:*:*:*",
"matchCriteriaId": "CE30EC61-9443-4918-99BE-BCF5ED3D2EA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:3.30.186:*:*:*:*:*:*:*",
"matchCriteriaId": "D166EA83-0FB6-4310-A3C9-1E9F4A901454",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:4.00.245:*:*:*:*:*:*:*",
"matchCriteriaId": "A0CAE88B-771E-4255-B579-48B891100BFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:4.01.246:*:*:*:*:*:*:*",
"matchCriteriaId": "7C58DAA2-EE67-4030-BBE5-138D5B1E43B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:4.02.248:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2DD3A6-36AB-4D2A-A490-EA47BFDC219A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:4.03.249:*:*:*:*:*:*:*",
"matchCriteriaId": "04756FB8-990A-4839-956E-3965C7C40CD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:4.05.252:*:*:*:*:*:*:*",
"matchCriteriaId": "248268EB-7BEE-4C50-B175-4107379C215D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:4.10.256:*:*:*:*:*:*:*",
"matchCriteriaId": "5CF062A5-896D-4C6B-853F-D86CABFD1EE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:4.11.257:*:*:*:*:*:*:*",
"matchCriteriaId": "7B5949B9-8A9D-486E-9AEF-4DBFDF740CA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:4.13.260:*:*:*:*:*:*:*",
"matchCriteriaId": "1AB1E6C5-045C-4B40-9DC2-D6BAB8820127",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:4.14.261:*:*:*:*:*:*:*",
"matchCriteriaId": "30558753-22EE-46E1-800E-22CA07A6B05C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:4.20.263:*:*:*:*:*:*:*",
"matchCriteriaId": "E961C1A7-AF9A-4660-8405-3D5A64F3B533",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:4.21.264:*:*:*:*:*:*:*",
"matchCriteriaId": "D1070D8A-2D03-43D4-B372-D5E14F2D4B02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:4.22.265:*:*:*:*:*:*:*",
"matchCriteriaId": "D5ACAFBB-FD29-43AC-BCC5-5A52BFF77B26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:4.23.266:*:*:*:*:*:*:*",
"matchCriteriaId": "DADDF370-C0EA-4B4D-AAE2-A692876D0D66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:4.30.269:*:*:*:*:*:*:*",
"matchCriteriaId": "632CAD3F-A178-4391-A66B-242B644D61DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:4.31.272:*:*:*:*:*:*:*",
"matchCriteriaId": "28B8F3F5-E9B2-46BF-897D-5C731D434A23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.00.303:*:*:*:*:*:*:*",
"matchCriteriaId": "B7867536-1E2B-4823-9B96-2E95C12C6D1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.01.306:*:*:*:*:*:*:*",
"matchCriteriaId": "6591BEBD-2585-4E26-AE0D-87677F705345",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.02.307:*:*:*:*:*:*:*",
"matchCriteriaId": "0C808239-0C8D-4A61-9279-7B87490AF3C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.03.308:*:*:*:*:*:*:*",
"matchCriteriaId": "97866525-1847-493B-AB6F-C81BBFA63240",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.03.309:*:*:*:*:*:*:*",
"matchCriteriaId": "DC424CF1-E958-49DE-8EDA-1B95BE162375",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.03.310:*:*:*:*:*:*:*",
"matchCriteriaId": "D609A391-3FD0-4C55-B6B1-FB90BFB50516",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.04.311:*:*:*:*:*:*:*",
"matchCriteriaId": "022B5D4A-477A-4037-993F-59D52634E160",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.04.312:*:*:*:*:*:*:*",
"matchCriteriaId": "010C2855-0A91-4321-80E7-1006D7596A2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.04.313:*:*:*:*:*:*:*",
"matchCriteriaId": "82DF1B96-5794-4964-87A6-A75F233C972B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.04.314:*:*:*:*:*:*:*",
"matchCriteriaId": "BF24D89C-886B-4F41-9EB3-C3CEB320E514",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.04.315:*:*:*:*:*:*:*",
"matchCriteriaId": "061A2F4B-40A4-42A2-B7AA-6EA57C809154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.05.316:*:*:*:*:*:*:*",
"matchCriteriaId": "2AD19182-0322-4909-AEEA-824613843582",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.05.317:*:*:*:*:*:*:*",
"matchCriteriaId": "984E4A46-2136-4FA1-B328-CA9645A195EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.05.318:*:*:*:*:*:*:*",
"matchCriteriaId": "02A5FFD7-0ED6-46F3-B643-C0F9DCF0103A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.05.319:*:*:*:*:*:*:*",
"matchCriteriaId": "415CFF11-496C-45FD-AE7E-C9DCD99D03CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.05.320:*:*:*:*:*:*:*",
"matchCriteriaId": "583783D1-66BB-47B7-B42C-6AA42B40E715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.05.321:*:*:*:*:*:*:*",
"matchCriteriaId": "F2F3317A-F670-4D54-A865-7E109CF458F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.05.322:*:*:*:*:*:*:*",
"matchCriteriaId": "874BABE9-0050-42DF-94D8-A7363A56F043",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.05.323:*:*:*:*:*:*:*",
"matchCriteriaId": "ABBAE358-F701-4411-975F-D1FDB9B50E72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.05.324:*:*:*:*:*:*:*",
"matchCriteriaId": "682F0251-73E7-4A2D-B0AA-1C14082759BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.05.325:*:*:*:*:*:*:*",
"matchCriteriaId": "C00D9441-05EC-4EC5-A283-204B6CCDC97C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.05.326:*:*:*:*:*:*:*",
"matchCriteriaId": "832F0A39-D4EC-4E49-AA05-778D36EC1352",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.05.327:*:*:*:*:*:*:*",
"matchCriteriaId": "132E01C8-F39B-4586-8A43-70017921213D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.10.328:*:*:*:*:*:*:*",
"matchCriteriaId": "FFAF6A11-9AF4-40A5-96C4-536C40F4D97E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.10.329:*:*:*:*:*:*:*",
"matchCriteriaId": "3F09A5C8-3886-49AA-B34F-90978BD8202C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.11.330:*:*:*:*:*:*:*",
"matchCriteriaId": "74AD32A4-60F2-4D35-99E9-EDC919039B0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.11.331:*:*:*:*:*:*:*",
"matchCriteriaId": "BAEE2E24-9B42-4B53-916A-43CC82893B26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.12.332:*:*:*:*:*:*:*",
"matchCriteriaId": "DC2F7546-3FFB-42B4-8A29-D97867F03DFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.12.333:*:*:*:*:*:*:*",
"matchCriteriaId": "6BEA6ACB-C1BE-4C58-B707-2D8F6F842130",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.12.334:*:*:*:*:*:*:*",
"matchCriteriaId": "0953B912-E560-43DC-8994-C39F21706700",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.12.335:*:*:*:*:*:*:*",
"matchCriteriaId": "7F27CD13-DEAE-4F87-8288-C16F4BF8FA78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.12.336:*:*:*:*:*:*:*",
"matchCriteriaId": "A31239C4-E154-4429-B49F-F2A649F8AE38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.20.342:*:*:*:*:*:*:*",
"matchCriteriaId": "D6C2983D-AB3C-45C1-AFA7-FDA3425026C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.21.347:*:*:*:*:*:*:*",
"matchCriteriaId": "48D0471F-FB59-4078-8EDA-41A49932475A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.22.350:*:*:*:*:*:*:*",
"matchCriteriaId": "11B62506-3E75-457B-B193-4B0F99037B38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.23.351:*:*:*:*:*:*:*",
"matchCriteriaId": "C6BA2B3A-FD78-4024-A067-C77BFA026FD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.24.352:*:*:*:*:*:*:*",
"matchCriteriaId": "A90B308C-2D6C-403E-B582-570D201A9879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.25.356:*:*:*:*:*:*:*",
"matchCriteriaId": "B9E4DB4F-E319-4984-975F-5EA25FFACBCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.26.361:*:*:*:*:*:*:*",
"matchCriteriaId": "F48F0343-87CE-4968-AF61-E3B934D23FA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.27.362:*:*:*:*:*:*:*",
"matchCriteriaId": "153652C4-8E08-46B4-9B6F-4D121312EE54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.30.367:*:*:*:*:*:*:*",
"matchCriteriaId": "A5F59DF3-80B9-4872-B68B-0836896A8226",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.31.373:*:*:*:*:*:*:*",
"matchCriteriaId": "9A3339CB-70FC-4B79-BEE8-4FC12C404954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.32.376:*:*:*:*:*:*:*",
"matchCriteriaId": "667E8442-6358-4322-906B-903F1D7CD886",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.33.380:*:*:*:*:*:*:*",
"matchCriteriaId": "617CA9F2-35A1-4754-8AE6-45B37CC225C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.33.381:*:*:*:*:*:*:*",
"matchCriteriaId": "3E14CEA9-6757-4ACF-8CE6-9B8A9C879CAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.35.385:*:*:*:*:*:*:*",
"matchCriteriaId": "CD4AF845-55DC-4681-BD7E-5B171EF8450E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.36.386:*:*:*:*:*:*:*",
"matchCriteriaId": "9D4D21CF-6981-46E3-8130-4124259409E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.37.387:*:*:*:*:*:*:*",
"matchCriteriaId": "5C3B6D9B-9F8F-4B8A-BD75-01BE0E1A9541",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.38.388:*:*:*:*:*:*:*",
"matchCriteriaId": "C3E3B7FC-E505-47C6-B510-02E67747E9ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:5.39.389:*:*:*:*:*:*:*",
"matchCriteriaId": "964E3418-D7A0-4FA5-8249-049103DBC687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:6.00.492:*:*:*:*:*:*:*",
"matchCriteriaId": "682C5EB2-2C3A-4371-AD1D-082685D15B01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:6.01.512:*:*:*:*:*:*:*",
"matchCriteriaId": "D3388C2B-233F-4307-8B34-7B0F241487D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:6.03.537:*:*:*:*:*:*:*",
"matchCriteriaId": "141D1541-354A-4386-BEA1-FE57B2FA0913",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:6.04.545:*:*:*:*:*:*:*",
"matchCriteriaId": "65CB795F-F39B-439B-AFDC-917EE775135B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:6.05.550:*:*:*:*:*:*:*",
"matchCriteriaId": "7FC13470-2F33-44E7-A615-EE73502472CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:6.06.555:*:*:*:*:*:*:*",
"matchCriteriaId": "52A03137-A56B-400C-8E59-F3DC48E5FC2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:6.10.560:*:*:*:*:*:*:*",
"matchCriteriaId": "AF5DEEE9-6FFE-46AD-80DE-C40F7C7130B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:6.20.587:*:*:*:*:*:*:*",
"matchCriteriaId": "885C82A5-5193-4ADD-8302-D244B7E7B597",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:6.21.596:*:*:*:*:*:*:*",
"matchCriteriaId": "6875C466-0908-485D-89D4-347517C18EE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:6.23.616:*:*:*:*:*:*:*",
"matchCriteriaId": "ED4A5FE9-D5E1-4C9A-A63B-1ED342AB73E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:6.24.621:*:*:*:*:*:*:*",
"matchCriteriaId": "F6606E4C-19AA-4740-A10F-949FB073BE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:6.25.622:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE6EFC3-7178-44FC-809A-9B92DB664181",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:6.26.630:*:*:*:*:*:*:*",
"matchCriteriaId": "219717BD-DA85-444E-A6FC-227295987306",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:7.00:*:*:*:*:*:*:*",
"matchCriteriaId": "0C669B1E-663D-40CE-A14D-C1025A282C30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:7.01:*:*:*:*:*:*:*",
"matchCriteriaId": "5ABE51D2-CABB-42E5-AD8C-9243367B7AD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:7.02:*:*:*:*:*:*:*",
"matchCriteriaId": "318E4232-E26E-4CB8-8E0B-B6B8B6F242F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "CC102142-655E-4C42-A88B-C8F03F5ED0D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:7.12:*:*:*:*:*:*:*",
"matchCriteriaId": "C6F3432E-B2A2-48FC-86A2-246EE2C4E8C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:8.00:*:*:*:*:*:*:*",
"matchCriteriaId": "611D684E-35C8-492D-9B0D-9B2D3A93B1E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:8.01:*:*:*:*:*:*:*",
"matchCriteriaId": "24DF992E-56F0-4A4B-9E93-77C9EC67D452",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:8.10:*:*:*:*:*:*:*",
"matchCriteriaId": "613AB39B-673E-42A2-9A44-6027A61CFD02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read or delete arbitrary files via \"..//\" sequences in a COMB command."
},
{
"lang": "es",
"value": "Vulnerabilidad de salto de directorio en TitanFTPd en South River Technologies Titan FTP Server v8.10.1125, y probablemente versiones anteriores, permite a usuarios autentificados remotamente leer ficheroso borrar ficheros de su elecci\u00f3n a trav\u00e9s de la secuencia \"..//\" en el comando COMB. \r\n"
}
],
"id": "CVE-2010-2425",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-06-24T12:17:45.127",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40237"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/65622"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/511873/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/40949"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40237"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/65622"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/511873/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/40949"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2008-6082
Vulnerability from fkie_nvd - Published: 2009-02-06 11:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
Titan FTP Server 6.26 build 630 allows remote attackers to cause a denial of service (CPU consumption) via the SITE WHO command.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| southrivertech | titan_ftp_server | 6.26 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:southrivertech:titan_ftp_server:6.26:*:*:*:*:*:*:*",
"matchCriteriaId": "FEB48367-14F1-48F5-A0A8-6AFBCEBF80BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Titan FTP Server 6.26 build 630 allows remote attackers to cause a denial of service (CPU consumption) via the SITE WHO command."
},
{
"lang": "es",
"value": "Titan FTP Server v6.26 build 630 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (consumo de CPU) a trav\u00e9s del comando \"SITE WHO\"."
}
],
"id": "CVE-2008-6082",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-02-06T11:30:00.407",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32269"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/49177"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/31757"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45871"
},
{
"source": "cve@mitre.org",
"url": "https://www.exploit-db.com/exploits/6753"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32269"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/49177"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/31757"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45871"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/6753"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2023-45690 (GCVE-0-2023-45690)
Vulnerability from cvelistv5 – Published: 2023-10-16 16:20 – Updated: 2024-09-16 17:41
VLAI?
Title
Information leak via default file permissions on Titan MFT and Titan SFTP servers
Summary
Default file permissions on South River Technologies' Titan MFT and Titan SFTP servers on Linux allows a user that's authentication to the OS to read sensitive files on the filesystem
Severity ?
No CVSS data available.
CWE
- CWE-276 - Incorrect Default Permissions
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| South River Technologies | Titan MFT |
Affected:
0 , ≤ 2.0.17.2298
(semver)
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:29:32.503Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.rapid7.com/blog/post/2023/10/16/multiple-vulnerabilities-in-south-river-technologies-titan-mft-and-titan-sftp-fixed/"
},
{
"tags": [
"x_transferred"
],
"url": "https://helpdesk.southrivertech.com/portal/en/kb/articles/security-patch-for-issues-cve-2023-45685-through-cve-2023-45690"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-45690",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-16T17:41:48.328097Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-16T17:41:56.320Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux"
],
"product": "Titan MFT",
"vendor": "South River Technologies",
"versions": [
{
"lessThanOrEqual": "2.0.17.2298",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux"
],
"product": "Titan SFTP",
"vendor": "South River Technologies",
"versions": [
{
"lessThanOrEqual": "2.0.17.2298",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-10-16T15:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Default file permissions on South River Technologies\u0027 Titan MFT and Titan SFTP servers on Linux allows a user that\u0027s authentication to the OS to read sensitive files on the filesystem"
}
],
"value": "Default file permissions on South River Technologies\u0027 Titan MFT and Titan SFTP servers on Linux allows a user that\u0027s authentication to the OS to read sensitive files on the filesystem"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-16T16:20:52.656Z",
"orgId": "9974b330-7714-4307-a722-5648477acda7",
"shortName": "rapid7"
},
"references": [
{
"url": "https://www.rapid7.com/blog/post/2023/10/16/multiple-vulnerabilities-in-south-river-technologies-titan-mft-and-titan-sftp-fixed/"
},
{
"url": "https://helpdesk.southrivertech.com/portal/en/kb/articles/security-patch-for-issues-cve-2023-45685-through-cve-2023-45690"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Information leak via default file permissions on Titan MFT and Titan SFTP servers",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "9974b330-7714-4307-a722-5648477acda7",
"assignerShortName": "rapid7",
"cveId": "CVE-2023-45690",
"datePublished": "2023-10-16T16:20:52.656Z",
"dateReserved": "2023-10-10T19:07:28.771Z",
"dateUpdated": "2024-09-16T17:41:56.320Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-44215 (GCVE-0-2022-44215)
Vulnerability from cvelistv5 – Published: 2023-08-22 00:00 – Updated: 2024-10-03 14:33
VLAI?
Summary
There is an open redirect vulnerability in Titan FTP server 19.0 and below. Users are redirected to any target URL.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:47:05.702Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://drive.google.com/file/d/1oLJaqs5RRNQLT1Hyy-tgEzzhGLB0506J/view?usp=sharing"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/JBalanza/CVE-2022-44215"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-44215",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-03T14:33:48.319817Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-03T14:33:59.658Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an open redirect vulnerability in Titan FTP server 19.0 and below. Users are redirected to any target URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-22T17:11:06.359149",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://drive.google.com/file/d/1oLJaqs5RRNQLT1Hyy-tgEzzhGLB0506J/view?usp=sharing"
},
{
"url": "https://github.com/JBalanza/CVE-2022-44215"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-44215",
"datePublished": "2023-08-22T00:00:00",
"dateReserved": "2022-10-30T00:00:00",
"dateUpdated": "2024-10-03T14:33:59.658Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22629 (GCVE-0-2023-22629)
Vulnerability from cvelistv5 – Published: 2023-02-14 00:00 – Updated: 2025-03-20 20:22
VLAI?
Summary
An issue was discovered in TitanFTP through 1.94.1205. The move-file function has a path traversal vulnerability in the newPath parameter. An authenticated attacker can upload any file and then move it anywhere on the server's filesystem.
Severity ?
8.8 (High)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:13:49.462Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.southrivertech.com/software/nextgen/titanftp/en/relnotes.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://titanftp.com"
},
{
"tags": [
"x_transferred"
],
"url": "https://f20.be/cves/titan-ftp-vulnerabilities"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/171737/Titan-FTP-Path-Traversal.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-22629",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-20T20:22:47.032314Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T20:22:52.164Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in TitanFTP through 1.94.1205. The move-file function has a path traversal vulnerability in the newPath parameter. An authenticated attacker can upload any file and then move it anywhere on the server\u0027s filesystem."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-06T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.southrivertech.com/software/nextgen/titanftp/en/relnotes.pdf"
},
{
"url": "https://titanftp.com"
},
{
"url": "https://f20.be/cves/titan-ftp-vulnerabilities"
},
{
"url": "http://packetstormsecurity.com/files/171737/Titan-FTP-Path-Traversal.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-22629",
"datePublished": "2023-02-14T00:00:00.000Z",
"dateReserved": "2023-01-05T00:00:00.000Z",
"dateUpdated": "2025-03-20T20:22:52.164Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-10009 (GCVE-0-2019-10009)
Vulnerability from cvelistv5 – Published: 2019-06-03 20:53 – Updated: 2024-08-04 22:10
VLAI?
Summary
A Directory Traversal issue was discovered in the Web GUI in Titan FTP Server 2019 Build 3505. When an authenticated user attempts to preview an uploaded file (through PreviewHandler.ashx) by using a \..\..\ technique, arbitrary files can be loaded in the server response outside the root directory.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:10:08.650Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190326 CVE-2019-10009 Titan FTP Server Version 2019 Build 3505 Directory Traversal/Local File Inclusion",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Mar/47"
},
{
"name": "46611",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/46611/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/152244/Titan-FTP-Server-2019-Build-3505-Directory-Traversal.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://seclists.org/fulldisclosure/2019/Mar/47"
},
{
"name": "46611",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/46611"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.southrivertech.com/software/regsoft/titanftp/v19/verhist_en.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-03-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A Directory Traversal issue was discovered in the Web GUI in Titan FTP Server 2019 Build 3505. When an authenticated user attempts to preview an uploaded file (through PreviewHandler.ashx) by using a \\..\\..\\ technique, arbitrary files can be loaded in the server response outside the root directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-06-06T19:27:04",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20190326 CVE-2019-10009 Titan FTP Server Version 2019 Build 3505 Directory Traversal/Local File Inclusion",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Mar/47"
},
{
"name": "46611",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/46611/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/152244/Titan-FTP-Server-2019-Build-3505-Directory-Traversal.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://seclists.org/fulldisclosure/2019/Mar/47"
},
{
"name": "46611",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/46611"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.southrivertech.com/software/regsoft/titanftp/v19/verhist_en.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-10009",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Directory Traversal issue was discovered in the Web GUI in Titan FTP Server 2019 Build 3505. When an authenticated user attempts to preview an uploaded file (through PreviewHandler.ashx) by using a \\..\\..\\ technique, arbitrary files can be loaded in the server response outside the root directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190326 CVE-2019-10009 Titan FTP Server Version 2019 Build 3505 Directory Traversal/Local File Inclusion",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Mar/47"
},
{
"name": "46611",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/46611/"
},
{
"name": "http://packetstormsecurity.com/files/152244/Titan-FTP-Server-2019-Build-3505-Directory-Traversal.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/152244/Titan-FTP-Server-2019-Build-3505-Directory-Traversal.html"
},
{
"name": "https://seclists.org/fulldisclosure/2019/Mar/47",
"refsource": "MISC",
"url": "https://seclists.org/fulldisclosure/2019/Mar/47"
},
{
"name": "46611",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/46611"
},
{
"name": "http://www.southrivertech.com/software/regsoft/titanftp/v19/verhist_en.html",
"refsource": "CONFIRM",
"url": "http://www.southrivertech.com/software/regsoft/titanftp/v19/verhist_en.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-10009",
"datePublished": "2019-06-03T20:53:15",
"dateReserved": "2019-03-24T00:00:00",
"dateUpdated": "2024-08-04T22:10:08.650Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-1842 (GCVE-0-2014-1842)
Vulnerability from cvelistv5 – Published: 2014-04-29 10:00 – Updated: 2024-08-06 09:50
VLAI?
Summary
Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to list all usernames via a Go action with a .. (dot dot) in the search-bar value.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:50:11.569Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "103196",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/103196"
},
{
"name": "31579",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/31579"
},
{
"name": "20140210 Titan FTP Server Directory Traversal Vulnerabilities - [CVE-2014-1841 / CVE-2014-1842 / CVE-2014-1843]",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0092.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-02-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to list all usernames via a Go action with a .. (dot dot) in the search-bar value."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-05-15T16:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "103196",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/103196"
},
{
"name": "31579",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/31579"
},
{
"name": "20140210 Titan FTP Server Directory Traversal Vulnerabilities - [CVE-2014-1841 / CVE-2014-1842 / CVE-2014-1843]",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0092.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-1842",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to list all usernames via a Go action with a .. (dot dot) in the search-bar value."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "103196",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/103196"
},
{
"name": "31579",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/31579"
},
{
"name": "20140210 Titan FTP Server Directory Traversal Vulnerabilities - [CVE-2014-1841 / CVE-2014-1842 / CVE-2014-1843]",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0092.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-1842",
"datePublished": "2014-04-29T10:00:00",
"dateReserved": "2014-02-02T00:00:00",
"dateUpdated": "2024-08-06T09:50:11.569Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-1841 (GCVE-0-2014-1841)
Vulnerability from cvelistv5 – Published: 2014-04-29 10:00 – Updated: 2024-08-06 09:50
VLAI?
Summary
Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to copy an arbitrary user's home folder via a Move action with a .. (dot dot) in the src parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:50:11.200Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "65462",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/65462"
},
{
"name": "31579",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/31579"
},
{
"name": "103195",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/103195"
},
{
"name": "20140210 Titan FTP Server Directory Traversal Vulnerabilities - [CVE-2014-1841 / CVE-2014-1842 / CVE-2014-1843]",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0092.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-02-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to copy an arbitrary user\u0027s home folder via a Move action with a .. (dot dot) in the src parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-05-15T16:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "65462",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/65462"
},
{
"name": "31579",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/31579"
},
{
"name": "103195",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/103195"
},
{
"name": "20140210 Titan FTP Server Directory Traversal Vulnerabilities - [CVE-2014-1841 / CVE-2014-1842 / CVE-2014-1843]",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0092.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-1841",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to copy an arbitrary user\u0027s home folder via a Move action with a .. (dot dot) in the src parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "65462",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65462"
},
{
"name": "31579",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/31579"
},
{
"name": "103195",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/103195"
},
{
"name": "20140210 Titan FTP Server Directory Traversal Vulnerabilities - [CVE-2014-1841 / CVE-2014-1842 / CVE-2014-1843]",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0092.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-1841",
"datePublished": "2014-04-29T10:00:00",
"dateReserved": "2014-02-02T00:00:00",
"dateUpdated": "2024-08-06T09:50:11.200Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-1843 (GCVE-0-2014-1843)
Vulnerability from cvelistv5 – Published: 2014-04-29 10:00 – Updated: 2024-08-06 09:58
VLAI?
Summary
Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to obtain the property information of an arbitrary home folder via a Properties action with a .. (dot dot) in the src parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:58:15.763Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "103197",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/103197"
},
{
"name": "65469",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/65469"
},
{
"name": "31579",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/31579"
},
{
"name": "20140210 Titan FTP Server Directory Traversal Vulnerabilities - [CVE-2014-1841 / CVE-2014-1842 / CVE-2014-1843]",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0092.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-02-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to obtain the property information of an arbitrary home folder via a Properties action with a .. (dot dot) in the src parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-05-15T16:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "103197",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/103197"
},
{
"name": "65469",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/65469"
},
{
"name": "31579",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/31579"
},
{
"name": "20140210 Titan FTP Server Directory Traversal Vulnerabilities - [CVE-2014-1841 / CVE-2014-1842 / CVE-2014-1843]",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0092.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-1843",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to obtain the property information of an arbitrary home folder via a Properties action with a .. (dot dot) in the src parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "103197",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/103197"
},
{
"name": "65469",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65469"
},
{
"name": "31579",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/31579"
},
{
"name": "20140210 Titan FTP Server Directory Traversal Vulnerabilities - [CVE-2014-1841 / CVE-2014-1842 / CVE-2014-1843]",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0092.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-1843",
"datePublished": "2014-04-29T10:00:00",
"dateReserved": "2014-02-02T00:00:00",
"dateUpdated": "2024-08-06T09:58:15.763Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-2425 (GCVE-0-2010-2425)
Vulnerability from cvelistv5 – Published: 2010-06-23 17:13 – Updated: 2024-08-07 02:32
VLAI?
Summary
Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read or delete arbitrary files via "..//" sequences in a COMB command.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:32:16.578Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "40237",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40237"
},
{
"name": "40949",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/40949"
},
{
"name": "20100617 TitanFTP Server COMB directory traversal",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/511873/100/0/threaded"
},
{
"name": "65622",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/65622"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-06-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read or delete arbitrary files via \"..//\" sequences in a COMB command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "40237",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40237"
},
{
"name": "40949",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/40949"
},
{
"name": "20100617 TitanFTP Server COMB directory traversal",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/511873/100/0/threaded"
},
{
"name": "65622",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/65622"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2425",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read or delete arbitrary files via \"..//\" sequences in a COMB command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "40237",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40237"
},
{
"name": "40949",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40949"
},
{
"name": "20100617 TitanFTP Server COMB directory traversal",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/511873/100/0/threaded"
},
{
"name": "65622",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/65622"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-2425",
"datePublished": "2010-06-23T17:13:00",
"dateReserved": "2010-06-22T00:00:00",
"dateUpdated": "2024-08-07T02:32:16.578Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-2426 (GCVE-0-2010-2426)
Vulnerability from cvelistv5 – Published: 2010-06-23 17:13 – Updated: 2024-08-07 02:32
VLAI?
Summary
Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read arbitrary files, determine file size, via "..//" sequences in the xcrc command.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:32:16.640Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "65533",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/65533"
},
{
"name": "40237",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40237"
},
{
"name": "20100615 TitanFTP Server Arbitrary File Disclosure",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/511839/100/0/threaded"
},
{
"name": "40949",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/40949"
},
{
"name": "tfs-xcrc-dir-traversal(59492)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59492"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-06-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read arbitrary files, determine file size, via \"..//\" sequences in the xcrc command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "65533",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/65533"
},
{
"name": "40237",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40237"
},
{
"name": "20100615 TitanFTP Server Arbitrary File Disclosure",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/511839/100/0/threaded"
},
{
"name": "40949",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/40949"
},
{
"name": "tfs-xcrc-dir-traversal(59492)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59492"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2426",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read arbitrary files, determine file size, via \"..//\" sequences in the xcrc command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "65533",
"refsource": "OSVDB",
"url": "http://osvdb.org/65533"
},
{
"name": "40237",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40237"
},
{
"name": "20100615 TitanFTP Server Arbitrary File Disclosure",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/511839/100/0/threaded"
},
{
"name": "40949",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40949"
},
{
"name": "tfs-xcrc-dir-traversal(59492)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59492"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-2426",
"datePublished": "2010-06-23T17:13:00",
"dateReserved": "2010-06-22T00:00:00",
"dateUpdated": "2024-08-07T02:32:16.640Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-6082 (GCVE-0-2008-6082)
Vulnerability from cvelistv5 – Published: 2009-02-06 11:00 – Updated: 2024-08-07 11:20
VLAI?
Summary
Titan FTP Server 6.26 build 630 allows remote attackers to cause a denial of service (CPU consumption) via the SITE WHO command.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:20:24.598Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "32269",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32269"
},
{
"name": "31757",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31757"
},
{
"name": "49177",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/49177"
},
{
"name": "6753",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/6753"
},
{
"name": "titanftpserver-sitewho-dos(45871)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45871"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Titan FTP Server 6.26 build 630 allows remote attackers to cause a denial of service (CPU consumption) via the SITE WHO command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "32269",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32269"
},
{
"name": "31757",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31757"
},
{
"name": "49177",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/49177"
},
{
"name": "6753",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/6753"
},
{
"name": "titanftpserver-sitewho-dos(45871)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45871"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-6082",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Titan FTP Server 6.26 build 630 allows remote attackers to cause a denial of service (CPU consumption) via the SITE WHO command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "32269",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32269"
},
{
"name": "31757",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31757"
},
{
"name": "49177",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/49177"
},
{
"name": "6753",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/6753"
},
{
"name": "titanftpserver-sitewho-dos(45871)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45871"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-6082",
"datePublished": "2009-02-06T11:00:00",
"dateReserved": "2009-02-05T00:00:00",
"dateUpdated": "2024-08-07T11:20:24.598Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-45690 (GCVE-0-2023-45690)
Vulnerability from nvd – Published: 2023-10-16 16:20 – Updated: 2024-09-16 17:41
VLAI?
Title
Information leak via default file permissions on Titan MFT and Titan SFTP servers
Summary
Default file permissions on South River Technologies' Titan MFT and Titan SFTP servers on Linux allows a user that's authentication to the OS to read sensitive files on the filesystem
Severity ?
No CVSS data available.
CWE
- CWE-276 - Incorrect Default Permissions
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| South River Technologies | Titan MFT |
Affected:
0 , ≤ 2.0.17.2298
(semver)
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:29:32.503Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.rapid7.com/blog/post/2023/10/16/multiple-vulnerabilities-in-south-river-technologies-titan-mft-and-titan-sftp-fixed/"
},
{
"tags": [
"x_transferred"
],
"url": "https://helpdesk.southrivertech.com/portal/en/kb/articles/security-patch-for-issues-cve-2023-45685-through-cve-2023-45690"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-45690",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-16T17:41:48.328097Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-16T17:41:56.320Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux"
],
"product": "Titan MFT",
"vendor": "South River Technologies",
"versions": [
{
"lessThanOrEqual": "2.0.17.2298",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux"
],
"product": "Titan SFTP",
"vendor": "South River Technologies",
"versions": [
{
"lessThanOrEqual": "2.0.17.2298",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-10-16T15:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Default file permissions on South River Technologies\u0027 Titan MFT and Titan SFTP servers on Linux allows a user that\u0027s authentication to the OS to read sensitive files on the filesystem"
}
],
"value": "Default file permissions on South River Technologies\u0027 Titan MFT and Titan SFTP servers on Linux allows a user that\u0027s authentication to the OS to read sensitive files on the filesystem"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-16T16:20:52.656Z",
"orgId": "9974b330-7714-4307-a722-5648477acda7",
"shortName": "rapid7"
},
"references": [
{
"url": "https://www.rapid7.com/blog/post/2023/10/16/multiple-vulnerabilities-in-south-river-technologies-titan-mft-and-titan-sftp-fixed/"
},
{
"url": "https://helpdesk.southrivertech.com/portal/en/kb/articles/security-patch-for-issues-cve-2023-45685-through-cve-2023-45690"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Information leak via default file permissions on Titan MFT and Titan SFTP servers",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "9974b330-7714-4307-a722-5648477acda7",
"assignerShortName": "rapid7",
"cveId": "CVE-2023-45690",
"datePublished": "2023-10-16T16:20:52.656Z",
"dateReserved": "2023-10-10T19:07:28.771Z",
"dateUpdated": "2024-09-16T17:41:56.320Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-44215 (GCVE-0-2022-44215)
Vulnerability from nvd – Published: 2023-08-22 00:00 – Updated: 2024-10-03 14:33
VLAI?
Summary
There is an open redirect vulnerability in Titan FTP server 19.0 and below. Users are redirected to any target URL.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:47:05.702Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://drive.google.com/file/d/1oLJaqs5RRNQLT1Hyy-tgEzzhGLB0506J/view?usp=sharing"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/JBalanza/CVE-2022-44215"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-44215",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-03T14:33:48.319817Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-03T14:33:59.658Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an open redirect vulnerability in Titan FTP server 19.0 and below. Users are redirected to any target URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-22T17:11:06.359149",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://drive.google.com/file/d/1oLJaqs5RRNQLT1Hyy-tgEzzhGLB0506J/view?usp=sharing"
},
{
"url": "https://github.com/JBalanza/CVE-2022-44215"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-44215",
"datePublished": "2023-08-22T00:00:00",
"dateReserved": "2022-10-30T00:00:00",
"dateUpdated": "2024-10-03T14:33:59.658Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22629 (GCVE-0-2023-22629)
Vulnerability from nvd – Published: 2023-02-14 00:00 – Updated: 2025-03-20 20:22
VLAI?
Summary
An issue was discovered in TitanFTP through 1.94.1205. The move-file function has a path traversal vulnerability in the newPath parameter. An authenticated attacker can upload any file and then move it anywhere on the server's filesystem.
Severity ?
8.8 (High)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:13:49.462Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.southrivertech.com/software/nextgen/titanftp/en/relnotes.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://titanftp.com"
},
{
"tags": [
"x_transferred"
],
"url": "https://f20.be/cves/titan-ftp-vulnerabilities"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/171737/Titan-FTP-Path-Traversal.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-22629",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-20T20:22:47.032314Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T20:22:52.164Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in TitanFTP through 1.94.1205. The move-file function has a path traversal vulnerability in the newPath parameter. An authenticated attacker can upload any file and then move it anywhere on the server\u0027s filesystem."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-06T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.southrivertech.com/software/nextgen/titanftp/en/relnotes.pdf"
},
{
"url": "https://titanftp.com"
},
{
"url": "https://f20.be/cves/titan-ftp-vulnerabilities"
},
{
"url": "http://packetstormsecurity.com/files/171737/Titan-FTP-Path-Traversal.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-22629",
"datePublished": "2023-02-14T00:00:00.000Z",
"dateReserved": "2023-01-05T00:00:00.000Z",
"dateUpdated": "2025-03-20T20:22:52.164Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-10009 (GCVE-0-2019-10009)
Vulnerability from nvd – Published: 2019-06-03 20:53 – Updated: 2024-08-04 22:10
VLAI?
Summary
A Directory Traversal issue was discovered in the Web GUI in Titan FTP Server 2019 Build 3505. When an authenticated user attempts to preview an uploaded file (through PreviewHandler.ashx) by using a \..\..\ technique, arbitrary files can be loaded in the server response outside the root directory.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:10:08.650Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190326 CVE-2019-10009 Titan FTP Server Version 2019 Build 3505 Directory Traversal/Local File Inclusion",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Mar/47"
},
{
"name": "46611",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/46611/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/152244/Titan-FTP-Server-2019-Build-3505-Directory-Traversal.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://seclists.org/fulldisclosure/2019/Mar/47"
},
{
"name": "46611",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/46611"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.southrivertech.com/software/regsoft/titanftp/v19/verhist_en.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-03-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A Directory Traversal issue was discovered in the Web GUI in Titan FTP Server 2019 Build 3505. When an authenticated user attempts to preview an uploaded file (through PreviewHandler.ashx) by using a \\..\\..\\ technique, arbitrary files can be loaded in the server response outside the root directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-06-06T19:27:04",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20190326 CVE-2019-10009 Titan FTP Server Version 2019 Build 3505 Directory Traversal/Local File Inclusion",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Mar/47"
},
{
"name": "46611",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/46611/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/152244/Titan-FTP-Server-2019-Build-3505-Directory-Traversal.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://seclists.org/fulldisclosure/2019/Mar/47"
},
{
"name": "46611",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/46611"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.southrivertech.com/software/regsoft/titanftp/v19/verhist_en.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-10009",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Directory Traversal issue was discovered in the Web GUI in Titan FTP Server 2019 Build 3505. When an authenticated user attempts to preview an uploaded file (through PreviewHandler.ashx) by using a \\..\\..\\ technique, arbitrary files can be loaded in the server response outside the root directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190326 CVE-2019-10009 Titan FTP Server Version 2019 Build 3505 Directory Traversal/Local File Inclusion",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Mar/47"
},
{
"name": "46611",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/46611/"
},
{
"name": "http://packetstormsecurity.com/files/152244/Titan-FTP-Server-2019-Build-3505-Directory-Traversal.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/152244/Titan-FTP-Server-2019-Build-3505-Directory-Traversal.html"
},
{
"name": "https://seclists.org/fulldisclosure/2019/Mar/47",
"refsource": "MISC",
"url": "https://seclists.org/fulldisclosure/2019/Mar/47"
},
{
"name": "46611",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/46611"
},
{
"name": "http://www.southrivertech.com/software/regsoft/titanftp/v19/verhist_en.html",
"refsource": "CONFIRM",
"url": "http://www.southrivertech.com/software/regsoft/titanftp/v19/verhist_en.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-10009",
"datePublished": "2019-06-03T20:53:15",
"dateReserved": "2019-03-24T00:00:00",
"dateUpdated": "2024-08-04T22:10:08.650Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-1842 (GCVE-0-2014-1842)
Vulnerability from nvd – Published: 2014-04-29 10:00 – Updated: 2024-08-06 09:50
VLAI?
Summary
Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to list all usernames via a Go action with a .. (dot dot) in the search-bar value.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:50:11.569Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "103196",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/103196"
},
{
"name": "31579",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/31579"
},
{
"name": "20140210 Titan FTP Server Directory Traversal Vulnerabilities - [CVE-2014-1841 / CVE-2014-1842 / CVE-2014-1843]",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0092.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-02-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to list all usernames via a Go action with a .. (dot dot) in the search-bar value."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-05-15T16:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "103196",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/103196"
},
{
"name": "31579",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/31579"
},
{
"name": "20140210 Titan FTP Server Directory Traversal Vulnerabilities - [CVE-2014-1841 / CVE-2014-1842 / CVE-2014-1843]",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0092.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-1842",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to list all usernames via a Go action with a .. (dot dot) in the search-bar value."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "103196",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/103196"
},
{
"name": "31579",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/31579"
},
{
"name": "20140210 Titan FTP Server Directory Traversal Vulnerabilities - [CVE-2014-1841 / CVE-2014-1842 / CVE-2014-1843]",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0092.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-1842",
"datePublished": "2014-04-29T10:00:00",
"dateReserved": "2014-02-02T00:00:00",
"dateUpdated": "2024-08-06T09:50:11.569Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-1841 (GCVE-0-2014-1841)
Vulnerability from nvd – Published: 2014-04-29 10:00 – Updated: 2024-08-06 09:50
VLAI?
Summary
Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to copy an arbitrary user's home folder via a Move action with a .. (dot dot) in the src parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:50:11.200Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "65462",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/65462"
},
{
"name": "31579",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/31579"
},
{
"name": "103195",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/103195"
},
{
"name": "20140210 Titan FTP Server Directory Traversal Vulnerabilities - [CVE-2014-1841 / CVE-2014-1842 / CVE-2014-1843]",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0092.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-02-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to copy an arbitrary user\u0027s home folder via a Move action with a .. (dot dot) in the src parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-05-15T16:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "65462",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/65462"
},
{
"name": "31579",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/31579"
},
{
"name": "103195",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/103195"
},
{
"name": "20140210 Titan FTP Server Directory Traversal Vulnerabilities - [CVE-2014-1841 / CVE-2014-1842 / CVE-2014-1843]",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0092.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-1841",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to copy an arbitrary user\u0027s home folder via a Move action with a .. (dot dot) in the src parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "65462",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65462"
},
{
"name": "31579",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/31579"
},
{
"name": "103195",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/103195"
},
{
"name": "20140210 Titan FTP Server Directory Traversal Vulnerabilities - [CVE-2014-1841 / CVE-2014-1842 / CVE-2014-1843]",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0092.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-1841",
"datePublished": "2014-04-29T10:00:00",
"dateReserved": "2014-02-02T00:00:00",
"dateUpdated": "2024-08-06T09:50:11.200Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-1843 (GCVE-0-2014-1843)
Vulnerability from nvd – Published: 2014-04-29 10:00 – Updated: 2024-08-06 09:58
VLAI?
Summary
Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to obtain the property information of an arbitrary home folder via a Properties action with a .. (dot dot) in the src parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:58:15.763Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "103197",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/103197"
},
{
"name": "65469",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/65469"
},
{
"name": "31579",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/31579"
},
{
"name": "20140210 Titan FTP Server Directory Traversal Vulnerabilities - [CVE-2014-1841 / CVE-2014-1842 / CVE-2014-1843]",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0092.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-02-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to obtain the property information of an arbitrary home folder via a Properties action with a .. (dot dot) in the src parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-05-15T16:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "103197",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/103197"
},
{
"name": "65469",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/65469"
},
{
"name": "31579",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/31579"
},
{
"name": "20140210 Titan FTP Server Directory Traversal Vulnerabilities - [CVE-2014-1841 / CVE-2014-1842 / CVE-2014-1843]",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0092.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-1843",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to obtain the property information of an arbitrary home folder via a Properties action with a .. (dot dot) in the src parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "103197",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/103197"
},
{
"name": "65469",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65469"
},
{
"name": "31579",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/31579"
},
{
"name": "20140210 Titan FTP Server Directory Traversal Vulnerabilities - [CVE-2014-1841 / CVE-2014-1842 / CVE-2014-1843]",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0092.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-1843",
"datePublished": "2014-04-29T10:00:00",
"dateReserved": "2014-02-02T00:00:00",
"dateUpdated": "2024-08-06T09:58:15.763Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-2425 (GCVE-0-2010-2425)
Vulnerability from nvd – Published: 2010-06-23 17:13 – Updated: 2024-08-07 02:32
VLAI?
Summary
Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read or delete arbitrary files via "..//" sequences in a COMB command.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:32:16.578Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "40237",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40237"
},
{
"name": "40949",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/40949"
},
{
"name": "20100617 TitanFTP Server COMB directory traversal",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/511873/100/0/threaded"
},
{
"name": "65622",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/65622"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-06-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read or delete arbitrary files via \"..//\" sequences in a COMB command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "40237",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40237"
},
{
"name": "40949",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/40949"
},
{
"name": "20100617 TitanFTP Server COMB directory traversal",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/511873/100/0/threaded"
},
{
"name": "65622",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/65622"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2425",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read or delete arbitrary files via \"..//\" sequences in a COMB command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "40237",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40237"
},
{
"name": "40949",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40949"
},
{
"name": "20100617 TitanFTP Server COMB directory traversal",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/511873/100/0/threaded"
},
{
"name": "65622",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/65622"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-2425",
"datePublished": "2010-06-23T17:13:00",
"dateReserved": "2010-06-22T00:00:00",
"dateUpdated": "2024-08-07T02:32:16.578Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-2426 (GCVE-0-2010-2426)
Vulnerability from nvd – Published: 2010-06-23 17:13 – Updated: 2024-08-07 02:32
VLAI?
Summary
Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read arbitrary files, determine file size, via "..//" sequences in the xcrc command.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:32:16.640Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "65533",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/65533"
},
{
"name": "40237",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40237"
},
{
"name": "20100615 TitanFTP Server Arbitrary File Disclosure",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/511839/100/0/threaded"
},
{
"name": "40949",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/40949"
},
{
"name": "tfs-xcrc-dir-traversal(59492)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59492"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-06-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read arbitrary files, determine file size, via \"..//\" sequences in the xcrc command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "65533",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/65533"
},
{
"name": "40237",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40237"
},
{
"name": "20100615 TitanFTP Server Arbitrary File Disclosure",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/511839/100/0/threaded"
},
{
"name": "40949",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/40949"
},
{
"name": "tfs-xcrc-dir-traversal(59492)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59492"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2426",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read arbitrary files, determine file size, via \"..//\" sequences in the xcrc command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "65533",
"refsource": "OSVDB",
"url": "http://osvdb.org/65533"
},
{
"name": "40237",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40237"
},
{
"name": "20100615 TitanFTP Server Arbitrary File Disclosure",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/511839/100/0/threaded"
},
{
"name": "40949",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40949"
},
{
"name": "tfs-xcrc-dir-traversal(59492)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59492"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-2426",
"datePublished": "2010-06-23T17:13:00",
"dateReserved": "2010-06-22T00:00:00",
"dateUpdated": "2024-08-07T02:32:16.640Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-6082 (GCVE-0-2008-6082)
Vulnerability from nvd – Published: 2009-02-06 11:00 – Updated: 2024-08-07 11:20
VLAI?
Summary
Titan FTP Server 6.26 build 630 allows remote attackers to cause a denial of service (CPU consumption) via the SITE WHO command.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:20:24.598Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "32269",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32269"
},
{
"name": "31757",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31757"
},
{
"name": "49177",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/49177"
},
{
"name": "6753",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/6753"
},
{
"name": "titanftpserver-sitewho-dos(45871)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45871"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Titan FTP Server 6.26 build 630 allows remote attackers to cause a denial of service (CPU consumption) via the SITE WHO command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "32269",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32269"
},
{
"name": "31757",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31757"
},
{
"name": "49177",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/49177"
},
{
"name": "6753",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/6753"
},
{
"name": "titanftpserver-sitewho-dos(45871)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45871"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-6082",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Titan FTP Server 6.26 build 630 allows remote attackers to cause a denial of service (CPU consumption) via the SITE WHO command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "32269",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32269"
},
{
"name": "31757",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31757"
},
{
"name": "49177",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/49177"
},
{
"name": "6753",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/6753"
},
{
"name": "titanftpserver-sitewho-dos(45871)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45871"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-6082",
"datePublished": "2009-02-06T11:00:00",
"dateReserved": "2009-02-05T00:00:00",
"dateUpdated": "2024-08-07T11:20:24.598Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}