CVE-2023-45689
published 2023-10-16CVE-2023-45689: Lack of sufficient path validation in South River Technologies' Titan MFT and Titan SFTP servers on Windows and Linux allows an authenticated attacker with…
PriorityP434medium6.5CVSS 3.1
AVNACLPRHUINSUCHIHAN
EPSS
0.82%
52.5th percentile
Lack of sufficient path validation in South River Technologies' Titan MFT and Titan SFTP servers on Windows and Linux allows an authenticated attacker with administrative privileges to read any file on the filesystem via path traversal
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| south_river_technologies | titan_mft | <= 2.0.17.2298 | — |
| south_river_technologies | titan_sftp | <= 2.0.17.2298 | — |
| southrivertech | titan_mft_server | < 2.0.18 | 2.0.18 |
| southrivertech | titan_sftp_server | < 2.0.18 | 2.0.18 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://helpdesk.southrivertech.com/portal/en/kb/articles/security-patch-for-issues-cve-2023-45685-through-cve-2023-45690https://www.rapid7.com/blog/post/2023/10/16/multiple-vulnerabilities-in-south-river-technologies-titan-mft-and-titan-sftp-fixed/https://helpdesk.southrivertech.com/portal/en/kb/articles/security-patch-for-issues-cve-2023-45685-through-cve-2023-45690https://www.rapid7.com/blog/post/2023/10/16/multiple-vulnerabilities-in-south-river-technologies-titan-mft-and-titan-sftp-fixed/
2023-10-16
Published