Directory traversal vulnerability in Fastream NETFile FTP/Web Server 6.7.2.1085 and earlier allows remote attackers to create or delete arbitrary files via .. (dot dot) and // (double slash) sequences in the filename parameter.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Netfile_ftp_web_server | Fastream | 6.5.1.980 (including) | 6.5.1.980 (including) |
Netfile_ftp_web_server | Fastream | 6.5.1.981 (including) | 6.5.1.981 (including) |
Netfile_ftp_web_server | Fastream | 6.7.2.1085 (including) | 6.7.2.1085 (including) |