CVE-2016-15003 — Unquoted Search Path or Element in Client

CWE-428 — Unquoted Search Path or Element6 documents5 sources

Severity

7.8HIGHNVD

CNA6.3

EPSS

0.4%

top 37.11%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Filezilla Client Filezilla-project Filezilla Client

Timeline

PublishedJul 18

Latest updateJul 19

Description

A vulnerability has been found in FileZilla Client 3.17.0.0 and classified as problematic. This vulnerability affects unknown code of the file C:\Program Files\FileZilla FTP Client\uninstall.exe of the component Installer. The manipulation leads to unquoted search path. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

▶CVEListV5filezilla/client3.17.0.0

▶NVDfilezilla-project/filezilla_client3.17.0

🔴Vulnerability Details

GHSA

GHSA-7j5p-c5cp-hrh6: A vulnerability has been found in FileZilla Client 3↗2022-07-19

▶

CVEList

FileZilla Client Installer uninstall.exe unquoted search path↗2022-07-18

▶

📋Vendor Advisories

Debian

CVE-2016-15003: filezilla - A vulnerability has been found in FileZilla Client 3.17.0.0 and classified as pr...↗2016

▶

🕵️Threat Intelligence

Wiz

CVE-2023-53959 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶

Wiz

CVE-2019-25683 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶