Directory traversal vulnerability in Fastream NETFile FTP/Web Server 6.7.2.1085 and earlier allows remote attackers to create or delete arbitrary files via .. (dot dot) and // (double slash) sequences in the filename parameter.
Software | From | Fixed in |
---|---|---|
fastream / netfile_ftp_web_server | 6.5.1.980 | 6.5.1.980.x |
fastream / netfile_ftp_web_server | 6.5.1.981 | 6.5.1.981.x |
fastream / netfile_ftp_web_server | 6.7.2.1085 | 6.7.2.1085.x |