Directory traversal vulnerability in FTP Serv-U prior to 2.5i allows remote malicious users to escape the FTP root and read arbitrary files by appending a string such as "/..%20." to a CD command, a variant of a .. (dot dot) attack.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
solarwinds serv-u file server 3.0.0.16 |