The FTP proxy server in Apple AirPort Express, AirPort Extreme, and Time Capsule with firmware 7.5 does not restrict the IP address and port specified in a PORT command from a client, which allows remote malicious users to leverage intranet FTP servers for arbitrary TCP forwarding via a crafted PORT command.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple airport express 7.5 |
||
apple airport extreme 7.5 |
||
apple time capsule 7.5 |