← voltar
CVE-2023-45689

Arbitrary file read via path traversal in Titan MFT and Titan SFTP servers

EPSS 0.8%CWE-22
Lack of sufficient path validation in South River Technologies' Titan MFT and Titan SFTP servers on Windows and Linux allows an authenticated attacker with administrative privileges to read any file on the filesystem via path traversal
Produtos afetados
South River Technologies · Titan MFTSouth River Technologies · Titan SFTP

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://helpdesk.southrivertech.com/portal/en/kb/articles/security-patch-for-issues-cve-2023-45685-through-cve-2023-45690https://www.rapid7.com/blog/post/2023/10/16/multiple-vulnerabilities-in-south-river-technologies-titan-mft-and-titan-sftp-fixed/