CVE-2022-22836

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 10-01-2022 03:12

Last modified: - 19-01-2022 05:15

Total changes: - 2

Description

CoreFTP Server before 727 allows directory traversal (for file creation) by an authenticated attacker via ../ in an HTTP PUT request.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Low

Attack complexity

Network

Attack vector

None

Availability

None

Confidentiality

High

Integrity

Low

Privileges required

Unchanged

Scope

None

User interaction

6.5

Base score

2.8

3.6

Exploitability score

Impact score

Verification logic

vendor=coreftp AND product=core_ftp AND versionEndIncluding=1.2

vendor=coreftp AND product=core_ftp AND version=2.0 AND update=build_639

vendor=coreftp AND product=core_ftp AND version=2.0 AND update=build_640

vendor=coreftp AND product=core_ftp AND version=2.0 AND update=build_641

vendor=coreftp AND product=core_ftp AND version=2.0 AND update=build_642

vendor=coreftp AND product=core_ftp AND version=2.0 AND update=build_645

vendor=coreftp AND product=core_ftp AND version=2.0 AND update=build_647

vendor=coreftp AND product=core_ftp AND version=2.0 AND update=build_649

vendor=coreftp AND product=core_ftp AND version=2.0 AND update=build_651

vendor=coreftp AND product=core_ftp AND version=2.0 AND update=build_653

vendor=coreftp AND product=core_ftp AND version=2.0 AND update=build_655

vendor=coreftp AND product=core_ftp AND version=2.0 AND update=build_656

vendor=coreftp AND product=core_ftp AND version=2.0 AND update=build_657

vendor=coreftp AND product=core_ftp AND version=2.0 AND update=build_658

vendor=coreftp AND product=core_ftp AND version=2.0 AND update=build_659

vendor=coreftp AND product=core_ftp AND version=2.0 AND update=build_665

vendor=coreftp AND product=core_ftp AND version=2.0 AND update=build_667

vendor=coreftp AND product=core_ftp AND version=2.0 AND update=build_668

vendor=coreftp AND product=core_ftp AND version=2.0 AND update=build_671

vendor=coreftp AND product=core_ftp AND version=2.0 AND update=build_673

vendor=coreftp AND product=core_ftp AND version=2.0 AND update=build_674

vendor=coreftp AND product=core_ftp AND version=2.0 AND update=build_676

vendor=coreftp AND product=core_ftp AND version=2.0 AND update=build_677

vendor=coreftp AND product=core_ftp AND version=2.0 AND update=build_679

vendor=coreftp AND product=core_ftp AND version=2.0 AND update=build_682

vendor=coreftp AND product=core_ftp AND version=2.0 AND update=build_687

vendor=coreftp AND product=core_ftp AND version=2.0 AND update=build_689

vendor=coreftp AND product=core_ftp AND version=2.0 AND update=build_691

vendor=coreftp AND product=core_ftp AND version=2.0 AND update=build_694

vendor=coreftp AND product=core_ftp AND version=2.0 AND update=build_695

vendor=coreftp AND product=core_ftp AND version=2.0 AND update=build_697

vendor=coreftp AND product=core_ftp AND version=2.0 AND update=build_699

vendor=coreftp AND product=core_ftp AND version=2.0 AND update=build_702

vendor=coreftp AND product=core_ftp AND version=2.0 AND update=build_704

vendor=coreftp AND product=core_ftp AND version=2.0 AND update=build_705

vendor=coreftp AND product=core_ftp AND version=2.0 AND update=build_711

vendor=coreftp AND product=core_ftp AND version=2.0 AND update=build_713

vendor=coreftp AND product=core_ftp AND version=2.0 AND update=build_715

vendor=coreftp AND product=core_ftp AND version=2.0 AND update=build_719

vendor=coreftp AND product=core_ftp AND version=2.0 AND update=build_725

Reference

Keywords

CVE-2022-22836

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2022-22836

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures