CompleteFTPService.exe in the server in EnterpriseDT CompleteFTP prior to 12.1.4 allows Remote Code Execution by leveraging a Windows user account that has SSH access. The exec command is always run as SYSTEM.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
enterprisedt completeftp_server |