CVE-2019-12815 – ProFTPD / ProFTPD – Improper access control

January 7, 2022

CVE-2019-12815 is an improper access control vulnerability impacting ProFTPD file transfer protocol server up to version 1.3.5b. A proof of concept (PoC) was observed in open source.

Summary:

CVE-2019-12815 is an improper access control vulnerability impacting ProFTPD file transfer protocol server up to version 1.3.5b. A proof of concept (PoC) was observed in open source.

PoC Links(if available):

Exploit status link –
http://bugs.proftpd.org/show_bug.cgi?id=4372#c1

Known Counter Measures:

The impacted vendor released patching information for impacted products and corresponding versions. The vendor addressed the vulnerability in updates.

Links to patches(if available)

https://security-tracker.debian.org/tracker/CVE-2019-12815

You may have missed

hackerone

HackerOne Bug Bounty Disclosure: overwrite-any-file-of-the-web-server-goedix

November 5, 2024
hackerone

HackerOne Bug Bounty Disclosure: open-redirect-via-redirect-to-parameter-in-tumblr-com-shivangmauryaa

November 5, 2024
image

[EMBARGO] – Ransomware Victim: mh-m[.]org

November 5, 2024
image

[BIANLIAN] – Ransomware Victim: Falco Sult

November 5, 2024
image

[INCRANSOM] – Ransomware Victim: Webb Institute

November 5, 2024