CVE-2025-34110
Published: 2025-07-15
Priority: P267 · Severity: critical · CVSS 4.0 base score 9.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Exploit: available (see references)
EPSS: 1.30% (66.9th percentile)
A directory traversal vulnerability exists in ColoradoFTP Server ≤ 1.3 Build 8 for Windows, allowing unauthenticated attackers to read or write arbitrary files outside the configured FTP root directory. The flaw is due to insufficient sanitization of user-supplied file paths in the FTP GET and PUT command handlers. Exploitation is possible by submitting traversal sequences during FTP operations, enabling access to system-sensitive files. This issue affects only the Windows version of ColoradoFTP.
Affected
1 range
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| coloradoftp | server | <= 1.3 Build 8 | — |
Detection & IOCs (extracted from sources)
- Monitor FTP GET and PUT requests (on the wire these are the RETR and STOR control-channel commands) whose path arguments contain backslash-based directory traversal sequences (e.g., beginning with '\') against ColoradoFTP Server ≤ 1.3 Build 8 on Windows.
- Exploitation does not require authentication: alert on unauthenticated FTP sessions issuing GET or PUT commands with path traversal patterns.
- The vulnerability is Windows-specific even though the server is Java-based; Linux/macOS deployments are not affected, so scope detection to Windows hosts running ColoradoFTP.
- Exploitation is limited to ColoradoFTP Server version 1.3 Build 8 and earlier; verify the exact version before applying detections.
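The detection guidance above can be expressed as a small log scanner. The example below is added here and is not code from the page, from ColoradoFTP, or from any of the referenced advisories or exploits. It assumes a constructed control-channel log format (timestamp, client IP, command, argument) and relies only on the standard FTP mapping of client get/put to the RETR/STOR commands. The root-escape check treats both '/' and '\' as separators, which is the Windows behaviour the vulnerable build failed to account for; running the same check with '/' alone shows why a POSIX-style filter misses the backslash variants.

```python
import re
from dataclasses import dataclass

# Constructed sample FTP control-channel log (timestamp, client IP, command, argument).
# These lines are made up for this example; they are not from any real capture.
# RETR and STOR are the protocol commands a client sends for "get" and "put".
SAMPLE_LOG = r"""2025-07-15T10:00:01Z 203.0.113.5 USER anonymous
2025-07-15T10:00:01Z 203.0.113.5 PASS guest@
2025-07-15T10:00:02Z 203.0.113.5 RETR readme.txt
2025-07-15T10:00:03Z 203.0.113.5 RETR \..\..\..\..\Windows\win.ini
2025-07-15T10:00:04Z 203.0.113.5 STOR ..\..\..\Windows\Temp\x.txt
2025-07-15T10:00:05Z 203.0.113.5 RETR docs/../readme.txt
2025-07-15T10:00:06Z 203.0.113.5 RETR /pub/../../etc/passwd
2025-07-15T10:00:07Z 203.0.113.5 QUIT
"""

# Hypothetical log layout assumed for this example: "<ts> <src-ip> <CMD> [<argument>]".
LINE_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<src>\S+)\s+(?P<cmd>[A-Za-z]{3,4})(?:\s+(?P<arg>.*))?$"
)
FILE_CMDS = {"RETR", "STOR"}  # wire-level commands behind a client's get/put


def escapes_root(path: str, separators: str = "/\\") -> bool:
    """Return True if `path` climbs above the FTP root.

    Every character in `separators` is treated as a path separator. On Windows
    both '/' and '\\' separate components; on POSIX only '/' does. A check that
    splits on '/' alone is therefore adequate on Linux but not on Windows, which
    is the gap behind this CVE.
    """
    depth = 0
    for part in re.split("[" + re.escape(separators) + "]", path):
        if part in ("", "."):
            continue
        if part == "..":
            depth -= 1
            if depth < 0:  # climbed above the root at some point
                return True
        else:
            depth += 1
    return False


@dataclass
class Alert:
    ts: str
    src: str
    cmd: str
    arg: str


def scan(log_text: str, separators: str = "/\\") -> list[Alert]:
    """Flag RETR/STOR commands whose path argument escapes the FTP root."""
    alerts = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        cmd = m["cmd"].upper()
        arg = m["arg"] or ""
        if cmd in FILE_CMDS and escapes_root(arg, separators):
            alerts.append(Alert(m["ts"], m["src"], cmd, arg))
    return alerts


if __name__ == "__main__":
    for a in scan(SAMPLE_LOG):
        print(f"{a.ts} {a.src} {a.cmd} {a.arg!r}")
    # A '/'-only check catches just the forward-slash traversal; the two
    # backslash commands slip through, which is the Windows-specific gap.
    print(len(scan(SAMPLE_LOG, separators="/")), "alert(s) when only '/' is a separator")
```

Note that `docs/../readme.txt` is not flagged: the walk never goes above depth zero, so a benign `..` inside the tree does not produce a false positive. Absolute Windows paths (drive letters, UNC) are out of scope here because the page describes only traversal sequences.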
No detection rules found.
No writeups or analysis indexed.
References
- https://bitbucket.org/nolife/coloradoftp/commits/16a60c4a74ef477cd8c16ca82442eaab2fbe8c86
- https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/auxiliary/scanner/ftp/colorado_ftp_traversal.rb
- https://www.exploit-db.com/exploits/40231
- https://www.vulncheck.com/advisories/colorado-ftp-server-path-traversal-information-disclosure