CVE-2010-4153

Published Nov 3, 2010
Last updated 3 months ago
CVSS info 9.3
Overview

Description: Directory traversal vulnerability in CrossFTP Pro 1.65a, and probably earlier, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename.
Source: cve@mitre.org
NVD status: Modified
Risk scores

CVSS 2.0

Type: Primary
Base score: 9.3
Impact score: 10
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:C/I:C/A:C
Weaknesses

nvd@nist.gov: CWE-22
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:crossftp:crossftp_pro:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "53120C61-E457-4331-9A43-AE1E8ADCF09B",
            "versionEndIncluding": "1.65a"
          },
          {
            "criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E084FFA7-7591-4ABC-8CDE-D2FD865C0207"
          },
          {
            "criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "06BFC7EA-F34E-4CB0-964C-8D728F380B7C"
          },
          {
            "criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3C564B2E-2A7E-4012-9374-EF4506D498C3"
          },
          {
            "criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.17:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8D7EE7D9-6245-4300-A110-DDC9D7D39675"
          },
          {
            "criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.18:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ECEB9274-7900-48E0-9E1B-E8FCBC315F31"
          },
          {
            "criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.19:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "287A0457-E738-4CAC-B44D-5731EC91A022"
          },
          {
            "criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AD4BA2D1-E5AC-45CA-997A-F1C3D2DD8B48"
          },
          {
            "criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.21:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3425DE23-2210-4B67-8924-F715F4EF02D9"
          },
          {
            "criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.22:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "83B045F0-0ABC-48D0-B50F-12BF319F6C84"
          },
          {
            "criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.23:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "26C1A77D-8457-42E8-9183-127DA33F2655"
          },
          {
            "criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.24:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0D5CD13D-51B7-49F7-A4C9-91316E5FC112"
          },
          {
            "criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.25:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7B02DD81-5BB3-4D7D-9592-3F7E89632E2F"
          },
          {
            "criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.26:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "37305540-737C-4467-8CA3-2489D3BEC2A8"
          },
          {
            "criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.27:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6C64EA42-A5F6-4A4C-9972-C68755B66040"
          },
          {
            "criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.28:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "258EB714-AC71-4C74-BF6E-1C57A4F7983E"
          },
          {
            "criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.29:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "94C353DD-D09B-4023-8765-110A37364724"
          },
          {
            "criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.30:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1D0D5336-0306-4F23-8FC2-AEE856F9A97E"
          },
          {
            "criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.31:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4B4D40D9-3763-4F1A-80C4-B1C8C4C1736A"
          },
          {
            "criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.32:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "405DCB68-F769-410E-86F5-F74A8F4CD004"
          },
          {
            "criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.33:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "30DF8A69-B7EB-4DF2-B2FE-19A04E4A6BD2"
          },
          {
            "criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.34:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E0786C1D-D0A4-48AD-9A6B-A07CA52D2EE4"
          },
          {
            "criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.35:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D810E9FA-B43C-4845-B9FB-C08A1A278D11"
          },
          {
            "criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.36:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C94C53D4-8EBE-4C10-A48C-F33B2DA14090"
          },
          {
            "criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.37:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C1779BE1-B364-4A7E-B335-A55D598CB271"
          },
          {
            "criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.38:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C9E28839-BF19-4F5D-B602-C0F8AB2D7744"
          },
          {
            "criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.39:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "40FE0B26-3EAA-4D98-9E3F-401DCD86A8AF"
          },
          {
            "criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.40:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E0881CF1-4DD1-411C-8627-4571FAF26AA3"
          },
          {
            "criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.41:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7C66C878-AE67-42AE-9B66-0A07AA71A7DB"
          },
          {
            "criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.42:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CB3D0B5F-F0A1-4E01-8C0E-7BD19E697CAF"
          },
          {
            "criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.50:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "72433164-9035-4CB5-B584-95E88EF7C7E4"
          },
          {
            "criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.51:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C88ED85B-D6CC-4B50-91CE-41B8B3B17EFA"
          },
          {
            "criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.52:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "39DE12B2-5E52-4CC1-BF3A-3CBD67358BA2"
          },
          {
            "criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.53:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0262C5E7-B0A7-4806-BCD6-656CFD98D179"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References
