CVE-2023-22629 Information

Description

An issue was discovered in TitanFTP through 1.94.1205. The move-file function has a path traversal vulnerability in the newPath parameter. An authenticated attacker can upload any file and then move it anywhere on the server’s filesystem.

Reference

https://f20.be/cves/titan-ftp-vulnerabilities https://www.southrivertech.com/software/nextgen/titanftp/en/relnotes.pdf https://titanftp.com