CVE-2019-9649
Published: 2019-03-22
CVE-2019-9649: An issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674. Using the MDTM FTP command, a remote attacker can use a directory traversal…
Priority: P3 | 47 | medium | 5.3 (CVSS 3.0)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EXPLOIT
EPSS: 14.54% (96.2th percentile)
An issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674. Using the MDTM FTP command, a remote attacker can use a directory traversal technique (..\..\) to browse outside the root directory to determine the existence of a file on the operating system, and its last modified date.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| coreftp | core_ftp | — | — |
CVSS provenance
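| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.0 | 5.3 | MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
| nvd | v2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |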
No detection rules found.
Exploit-DB
CoreFTP 2.0 Build 674 MDTM - Directory Traversal (Metasploit)
exploitdb·2020-03-11·CVSS 5.3
CVE-2019-9649 [MEDIUM] CoreFTP 2.0 Build 674 MDTM - Directory Traversal (Metasploit)
---
class MetasploitModule 'CVE-2019-9649 CoreFTP FTP Server Version 674 and below MDTM Directory Traversal',
'Description' => %q{An issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674. Using the MDTM FTP command, a remote attacker can use a directory traversal (..\..\) to browse outside the root directory to determine the existence of a file on the operating system, and the last mofidied date.},
'Author' => [ 'Kevin Randall' ],
'License' => MSF_LICENSE,
'References' =>
[
[ 'CVE', '2019-9649' ],
[ 'BID', '107449' ],
[ 'URL', 'https://www.coreftp.com/forums/viewtopic.php?f=15&t=4022509' ]
],
'Disclosure Date:' => 'March 13 2019'
)
register_options([
Opt::RPORT(21),
OptString.new('FILENAME', [true, "Name
Exploit-DB
Core FTP Server FTP / SFTP Server v2 Build 674 - 'MDTM' Directory Traversal
exploitdb·2019-03-13·CVSS 5.3
CVE-2019-9649 [MEDIUM] Core FTP Server FTP / SFTP Server v2 Build 674 - 'MDTM' Directory Traversal
---
# Exploit Title: CoreFTP Server FTP / SFTP Server v2 - Build 674 MDTM Directory Traversal
# Google Dork: N/A
# Date: 3/13/2019
# Exploit Author: Kevin Randall
# Vendor Homepage: https://www.coreftp.com
# Software Link: http://www.coreftp.com/server/index.html
# Version: Firmware: CoreFTP Server FTP / SFTP Server v2 - Build 674
# Tested on: Windows 7
# CVE : CVE-2019-9649
*Vendor has confirmed vulnerability and implemented an updated version*
Summary: By utilizing a directory traversal along with the FTP MDTM command, an attacker can browse outside the root directory to determine if a file exists based on return file size along with the date the file was last modified by using a ..\..\ technique
Too
No writeups or analysis indexed.
http://packetstormsecurity.com/files/154205/CoreFTP-Server-MDTM-Directory-Traversal.html
http://seclists.org/fulldisclosure/2019/Aug/22
http://www.coreftp.com/forums/viewtopic.php?f=15&t=4022509
http://www.securityfocus.com/bid/107449
https://seclists.org/fulldisclosure/2019/Mar/25
https://www.exploit-db.com/exploits/46534
Published: 2019-03-22