← volver
CVE-2023-45689

Arbitrary file read via path traversal in Titan MFT and Titan SFTP servers

EPSS 0.8%CWE-22
Lack of sufficient path validation in South River Technologies' Titan MFT and Titan SFTP servers on Windows and Linux allows an authenticated attacker with administrative privileges to read any file on the filesystem via path traversal
Productos afectados
South River Technologies · Titan MFTSouth River Technologies · Titan SFTP

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://helpdesk.southrivertech.com/portal/en/kb/articles/security-patch-for-issues-cve-2023-45685-through-cve-2023-45690https://www.rapid7.com/blog/post/2023/10/16/multiple-vulnerabilities-in-south-river-technologies-titan-mft-and-titan-sftp-fixed/