CVE-2023-38960
First published: Tue Feb 13 2024(Updated: )
Insecure Permissions issue in Raiden Professional Server RaidenFTPD v.2.4 build 4005 allows a local attacker to gain privileges and execute arbitrary code via crafted executable running from the installation directory.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| RaidenFTPD | =2.4.4005 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2023-38960?
CVE-2023-38960 is considered to have a high severity due to the potential for local attackers to gain elevated privileges and execute arbitrary code.
How do I fix CVE-2023-38960?
To fix CVE-2023-38960, update RaidenFTPD to a version that addresses the insecure permissions issue.
Who is affected by CVE-2023-38960?
CVE-2023-38960 affects users of RaidenFTPD version 2.4 build 4005, specifically those running it in environments where local attackers can exploit the vulnerability.
What is the nature of the vulnerability in CVE-2023-38960?
CVE-2023-38960 is an insecure permissions vulnerability that allows local attackers to execute crafted executables from the installation directory.
Can CVE-2023-38960 be exploited remotely?
CVE-2023-38960 cannot be exploited remotely as it requires local access to the affected system.
- agent/author
- agent/references
- agent/type
- agent/description
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/softwarecombine
- agent/event
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/raidenftpd
- canonical/raidenftpd
- version/raidenftpd/2.4.4005