What is the severity of CVE-2007-6233?

CVE-2007-6233 has been assessed as a medium severity vulnerability due to its potential for local file inclusion by authenticated users.

How can I mitigate CVE-2007-6233?

To mitigate CVE-2007-6233, ensure that access controls restrict authenticated users from exploiting the directory traversal vulnerability and apply any available patches for FTP Admin 0.1.0.

Who is affected by CVE-2007-6233?

CVE-2007-6233 affects users running FTP Admin version 0.1.0, particularly those with authenticated access.

What type of vulnerability is CVE-2007-6233?

CVE-2007-6233 is classified as a directory traversal vulnerability that allows unauthorized file access on the server.

Can CVE-2007-6233 lead to remote code execution?

Yes, CVE-2007-6233 can potentially be exploited for remote code execution through the inclusion of arbitrary files if certain conditions are met.

Vulnerability/
CVE-2007-6233

medium

4.9

CWE

4/12/2007

7/8/2024

CVE-2007-6233: Path Traversal

First published: Tue Dec 04 2007(Updated: )

Directory traversal vulnerability in index.php in FTP Admin 0.1.0 allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the page parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
FTP Admin	=0.1.0

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2007-6233?
CVE-2007-6233 has been assessed as a medium severity vulnerability due to its potential for local file inclusion by authenticated users.
How can I mitigate CVE-2007-6233?
To mitigate CVE-2007-6233, ensure that access controls restrict authenticated users from exploiting the directory traversal vulnerability and apply any available patches for FTP Admin 0.1.0.
Who is affected by CVE-2007-6233?
CVE-2007-6233 affects users running FTP Admin version 0.1.0, particularly those with authenticated access.
What type of vulnerability is CVE-2007-6233?
CVE-2007-6233 is classified as a directory traversal vulnerability that allows unauthorized file access on the server.
Can CVE-2007-6233 lead to remote code execution?
Yes, CVE-2007-6233 can potentially be exploited for remote code execution through the inclusion of arbitrary files if certain conditions are met.

agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/severity
agent/author
agent/references
agent/last-modified-date
agent/weakness
agent/description
agent/event
agent/first-publish-date
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-historical
vendor/ftp admin
canonical/ftp admin
version/ftp admin/0.1.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

Frequently Asked Questions

What is the severity of CVE-2007-6233?
CVE-2007-6233 has been assessed as a medium severity vulnerability due to its potential for local file inclusion by authenticated users.
How can I mitigate CVE-2007-6233?
To mitigate CVE-2007-6233, ensure that access controls restrict authenticated users from exploiting the directory traversal vulnerability and apply any available patches for FTP Admin 0.1.0.
Who is affected by CVE-2007-6233?
CVE-2007-6233 affects users running FTP Admin version 0.1.0, particularly those with authenticated access.
What type of vulnerability is CVE-2007-6233?
CVE-2007-6233 is classified as a directory traversal vulnerability that allows unauthorized file access on the server.
Can CVE-2007-6233 lead to remote code execution?
Yes, CVE-2007-6233 can potentially be exploited for remote code execution through the inclusion of arbitrary files if certain conditions are met.