CVE-2015-7602
published 2015-09-29

CVE-2015-7602: Directory traversal vulnerability in BisonWare BisonFTP 3.5 allows remote attackers to read arbitrary files via a ../ (dot dot slash) in a RETR command.

Priority: P265 (high)
CVSS 2.0: 7.8 (AV:N/AC:L/Au:N/C:C/I:N/A:N)
EXPLOIT
EPSS: 60.94% (99.0th percentile)

Affected

1 range

| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| bisonware | bisonftp | | |

Detection & IOCs (extracted from sources)

command: RETR ../../../boot.ini
command: RETR ..//.
path: ..//.
path: ../
  • Detect FTP RETR commands containing directory traversal sequences (e.g., '../', '..//.') targeting BisonFTP 3.5 servers
  • Monitor FTP sessions for unauthenticated or anonymous logins followed by RETR commands with traversal strings — the PoC calls ftp.login() with no credentials before issuing the traversal RETR
  • Alert on FTP RETR requests for sensitive Windows files (e.g., boot.ini) combined with path traversal sequences as an indicator of active exploitation
  • Vulnerability is specific to BisonWare BisonFTP Server version 3.5 only; other versions are not confirmed affected
  • The PoC exploit was tested exclusively on Windows XP Service Pack 3 (English); traversal path depth and target file paths may differ on other Windows versions
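
The detection points above can be combined into one pass over an FTP command log. The following is an added example, not code from the PoC or from this page's sources; the log line format, the sample lines and the function name `find_traversal_retr` are assumptions made for illustration.

```python
import re

# Constructed sample log. The "<time> <session> <client> <command>" layout is
# an assumption for this example, not BisonFTP's real log format.
SAMPLE_LOG = """\
2015-09-29T10:00:01 s1 192.0.2.10 USER anonymous
2015-09-29T10:00:01 s1 192.0.2.10 PASS anonymous@
2015-09-29T10:00:02 s1 192.0.2.10 RETR ../../../boot.ini
2015-09-29T10:05:00 s2 192.0.2.20 USER alice
2015-09-29T10:05:02 s2 192.0.2.20 RETR reports/q3.txt
2015-09-29T10:07:00 s3 192.0.2.30 USER bob
2015-09-29T10:07:02 s3 192.0.2.30 RETR ..//.
2015-09-29T10:09:00 s4 192.0.2.40 RETR notes..txt
"""

# ".." as a whole path component, delimited by "/" or "\" or the argument ends.
TRAVERSAL = re.compile(r"(?:^|[\\/])\.\.(?:[\\/]|$)")
SENSITIVE = {"boot.ini"}  # the sensitive Windows file named on this page

def find_traversal_retr(log_text):
    """Return one alert per RETR whose argument contains a traversal component."""
    anonymous = set()  # sessions that logged in as an anonymous user
    alerts = []
    for line in log_text.splitlines():
        parts = line.split(None, 4)
        if len(parts) < 4:
            continue  # not a command line
        session, client, verb = parts[1], parts[2], parts[3].upper()
        arg = parts[4].strip() if len(parts) == 5 else ""
        if verb == "USER":
            # ftplib's login() with no arguments sends USER anonymous.
            if arg.lower() in ("anonymous", "ftp"):
                anonymous.add(session)
            else:
                anonymous.discard(session)
        elif verb == "RETR" and TRAVERSAL.search(arg):
            basename = re.split(r"[\\/]", arg)[-1].lower()
            alerts.append({
                "session": session,
                "client": client,
                "argument": arg,
                "anonymous": session in anonymous,
                "sensitive_file": basename in SENSITIVE,
            })
    return alerts

if __name__ == "__main__":
    for alert in find_traversal_retr(SAMPLE_LOG):
        print(alert)
```

Matching `..` only as a full path component keeps names such as `notes..txt` from raising an alert, while the `anonymous` and `sensitive_file` fields let an analyst rank hits that match the PoC pattern first.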

CVSS provenance

nvd: v2.0, 7.8 HIGH, AV:N/AC:L/Au:N/C:C/I:N/A:N
osv: 3.5 LOW