Search Results (Refine Search)
- Keyword (text search): cpe:2.3:a:lftp_project:lftp:2.0.4:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2018-10916 |
It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. A remote attacker may trick a user to use reverse mirroring on an attacker controlled FTP server, resulting in the removal of all files in the current working directory of the victim's system. Published: August 01, 2018; 10:29:00 AM -0400 |
V4.0:(not available) V3.0: 6.5 MEDIUM V2.0: 7.8 HIGH |