Some vulnerabilities have been reported in Wing FTP Server, which can be exploited by malicious users and malicious people to disclose potentially sensitive information.
1) Input passed to the Web Client is not properly sanitised before being used. This can be exploited to access files outside of the user's home directory via directory traversal attacks.
2) An unspecified error when using the HTTP protocol can be exploited to disclose sensitive information.
Solution
Update to version 3.4.1.
Further details available in Customer Area
Provided and/or discovered by
Reported by the vendor.
Original Advisory
http://www.wftpserver.com/serverhistory.htm
京公网安备 11010502034610号
暂无评论