CNNVD-202511-732 Information

CNNVD ID

CNNVD-202511-732

Related CVE

CVE-2025-34299

• CNNVD Published: 2025-11-07

Description (Chinese)

Monsta FTP是新西兰Monsta公司的一款轻量级文件管理器。它支持文件传输、文件管理和文档编辑等功能。 Monsta FTP 2.11及之前版本存在安全漏洞，该漏洞源于允许未经身份验证的任意文件上传，可能导致执行任意代码。

Description (English)

Monsta FTP is a lightweight file manager of Monsta New Zealand. It supports the functions of file transfer, document management and document editing. There is a security gap in Monsta FTP 2.11 and earlier versions, which stems from allowing any document to be uploaded without identification, which may lead to the enforcement of any code.

Hazard Level

Low

Vulnerability Type

代码问题

Affected Vendor

Monsta

Published

2025-11-07

Last Modified

2026-02-24

References

https://labs.watchtowr.com/whats-that-coming-over-the-hill-monsta-ftp-remote-code-execution-cve-2025-34299/ https://www.vulncheck.com/advisories/monsta-ftp-unauthenticated-arbitrary-file-upload https://www.monstaftp.com/notes/ https://access.redhat.com/security/cve/cve-2025-34299 https://cxsecurity.com/issue/WLB-2025120002