CVE-2020-8635

Wing FTP Server v6.2.3 for Linux, macOS, and Solaris sets insecure permissions on installation directories and configuration files. This allows local users to arbitrarily create FTP users with full privileges, and escalate privileges within the operating system by modifying system files.
References
Link Resource
https://www.hooperlabs.xyz/disclosures/cve-2020-8635.php Exploit Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:wftpserver:wing_ftp_server:6.2.3:*:*:*:*:linux:*:*
cpe:2.3:a:wftpserver:wing_ftp_server:6.2.3:*:*:*:*:macos:*:*
cpe:2.3:a:wftpserver:wing_ftp_server:6.2.3:*:*:*:*:solaris:*:*

Information

Published : 2020-03-06 16:15

Updated : 2021-07-21 04:39


NVD link : CVE-2020-8635

Mitre link : CVE-2020-8635


JSON object : View

CWE
CWE-732

Incorrect Permission Assignment for Critical Resource

Advertisement

dedicated server usa

Products Affected

wftpserver

  • wing_ftp_server