Directory Traversal Vulnerability in PCMan's FTP Server
CVE-2015-7601

Currently unrated

Key Information:

Vendor: Pcman\'s Ftp Server Project
Status: Pcman\'s Ftp Server
Vendor: CVE Published:; 29 September 2015

🔔 Create Pcman\'s Ftp Server Project Vulnerability Alert

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 52%

What is CVE-2015-7601?

A directory traversal vulnerability exists in PCMan's FTP Server 2.0.7, allowing attackers to exploit the server by issuing a RETR command with a '..//' sequence. This exploitation can lead to unauthorized access and retrieval of sensitive files on the server, posing significant risks to data security and privacy.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2015-7601 - Proof of Concept

References

https://www.exploit-db.com/exploits/38340/

exploitx_refsource_EXPLOIT-DB

http://packetstormsecurity.com/files/133756/PCMan-FTP-Ser...

x_refsource_MISC

EPSS Score

52% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Sep 29, 2015
👾
Exploit known to exist
Sep 29, 2015
Vulnerability published
Sep 29, 2015
Vulnerability Reserved
Sep 29, 2015

CVE-2015-7601 Data

JSON