CompleteFTP path traversal flaw allowed attackers to delete server files

A security vulnerability in file transfer software CompleteFTP allowed unauthenticated attackers to delete arbitrary files on affected installations.

Developed by EnterpriseDT of Australia, CompleteFTP is a proprietary FTP and SFTP server for Windows that supports FTPS, SFTP, and HTTPS.

A security researcher with the handle rgod discovered a flaw in the HttpFile class that stems from missing validation of a user-supplied path before it is used in file operations.

“This vulnerability allows remote attackers to delete arbitrary files on affected installations of EnterpriseDT CompleteFTP server,” a security advisory explains.

“An attacker can leverage this vulnerability to delete files in the context of SYSTEM.”
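The flaw class described above, as an added example that is not CompleteFTP's own code: a delete handler that joins the client-supplied path unchecked, beside a hardened version that resolves the path and refuses anything that lands outside the served root. The function names and the scratch directory layout are assumptions made for illustration.

```python
import os
import tempfile

class PathTraversalError(ValueError):
    """Raised when a client-supplied path resolves outside the served root."""

def resolve_within_root(root: str, user_path: str) -> str:
    """Refuse any client path that lands outside root once '..' segments,
    drive prefixes and symlinks are resolved."""
    real_root = os.path.realpath(root)
    # Strip leading separators so an absolute client path is still rooted here.
    candidate = os.path.realpath(os.path.join(real_root, user_path.lstrip("/\\")))
    try:
        # commonpath compares whole components: 'ftproot_evil' never matches 'ftproot'.
        shared = os.path.commonpath([real_root, candidate])
    except ValueError:  # different drives on Windows: certainly not inside
        shared = None
    if shared != real_root:
        raise PathTraversalError(f"path escapes root: {user_path!r}")
    return candidate

def delete_unchecked(root: str, user_path: str) -> None:
    """The flawed pattern: the client path is joined and used without validation."""
    os.remove(os.path.join(root, user_path))

def delete_checked(root: str, user_path: str) -> None:
    """Hardened delete: only paths proven to stay inside the root reach os.remove."""
    os.remove(resolve_within_root(root, user_path))

def demo() -> dict:
    """Build a scratch layout (constructed data) and exercise both variants."""
    base = tempfile.mkdtemp()
    root = os.path.join(base, "ftproot")
    os.makedirs(root)
    inside, outside = os.path.join(root, "report.txt"), os.path.join(base, "secret.txt")
    for path in (inside, outside):
        open(path, "w").close()
    results = {}
    delete_unchecked(root, "../secret.txt")   # traversal reaches outside the root
    results["unchecked_deleted_outside"] = not os.path.exists(outside)
    open(outside, "w").close()                # put the file back
    try:
        delete_checked(root, "../secret.txt") # same input, now refused
        results["checked_blocked"] = False
    except PathTraversalError:
        results["checked_blocked"] = True
    results["outside_survives"] = os.path.exists(outside)
    delete_checked(root, "report.txt")        # a legitimate delete still works
    results["inside_deleted"] = not os.path.exists(inside)
    return results
```

The containment check is done on the fully resolved path rather than on the raw string, which is what defeats '..' segments, absolute paths and sibling directories that merely share the root's name as a prefix.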

The issue was assigned CVE-2022-2560 and was fixed in CompleteFTP version 22.1.1.

This release also includes other security enhancements: support for the SHA-2 family of hash functions in RSA signatures, and support for the new PuTTY private key format.

The Daily Swig has approached EnterpriseDT for comment.

Source: https://portswigger.net/daily-swig/completeftp-path-traversal-flaw-allowed-attackers-to-delete-server-files