First published: Tue Jun 11 2019(Updated: )
A Directory Traversal issue was discovered in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 before 8.6.1. An attacker can supply a string using special patterns via the SCP protocol to disclose path names on the host operating system.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Ipswitch Ws Ftp Server | <8.6.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2019-12145.
The severity of CVE-2019-12145 is high, with a severity value of 7.5.
The affected software is Ipswitch WS FTP Server 2018 before 8.6.1.
The vulnerability manifests as a Directory Traversal issue in SSHServerAPI.dll.
An attacker can exploit this vulnerability by supplying a string using special patterns via the SCP protocol to disclose path names on the host operating system.