CVE-2010-3104

Directory traversal vulnerability in DeskShare AutoFTP Manager 4.31, and probably earlier versions, allows remote FTP servers to write arbitrary files via a ".." (dot dot backslash) in a filename.

Published: Aug 21, 2010
Updated: Apr 13, 2023
CVE: CVE-2010-3104
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

CWE-22

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
deskshare / auto_ftp_manager	4.31	4.31.x

http://www.htbridge.ch/advisory/directory_traversal_in_autoftp_manager.html

Vulnerability Database

289,697

CVE-2010-3104