In WinSCP prior to 5.14 beta, due to missing validation, the scp implementation would accept arbitrary files sent by the server, potentially overwriting unrelated files. This affects TSCPFileSystem::SCPSink in core/ScpFileSystem.cpp.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
winscp winscp |