Remote Code Execution Vulnerability in Ipswitch WS_FTP Server
CVE-2004-1885
Currently unrated
What is CVE-2004-1885?
The Ipswitch WS_FTP Server 4.0.2 contains a vulnerability that allows remote authenticated users to execute arbitrary commands with SYSTEM privileges. This is achieved by using the SITE command to manipulate specific options in iFtpSvc. The flawed design of iftpmgr.exe can be exploited, leading to potential unauthorized access and control of the server environment for users who might exploit this flaw. This issue underscores the importance of securing server configurations and monitoring user activities.