CVE-2021-41638 Information

Description

The authentication checks of the MELAG FTP Server in version 2.2.0.4 are incomplete which allows a remote attacker to access local files only by using a valid username.

Reference

https://www.securesystems.de/blog/advisory-and-exploitation-the-melag-ftp-server/