WFTPD information disclosure | CVE-2023-33263

NAME
__________
WFTPD information disclosure

Platforms Affected:
Texas Imperial Software WFTPD Pro Server 3.25

Risk Level:
5.5

Exploitability:
Unproven

Consequences:
Obtain Information

DESCRIPTION
__________

WFTPD could allow a local authenticated attacker to obtain sensitive information, caused by the storage of usernames and password hashes in wftpd.ini. By gaining access to the wftpd.ini file, an attacker could exploit this vulnerability to obtain usernames and password information, and use this information to launch further attacks against the affected system.

CVSS 3.0 Information
__________

Privileges Required:
Low

User Interaction:
None

Scope:
Unchanged

Access Vector:
Local

A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.

If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below

To keep up to date follow us on the below channels.

Tags: CVE, CVE-2023-33263, Obtain Information

WFTPD information disclosure | CVE-2023-33263

BYOVD Attacks in Paragon Partition Manager: Zero-Day Exploited Revealed

Phishing Campaign Leverages Havoc Framework for Control of Infected Systems

ICO Investigates TikTok Over Children’s Data Privacy Concerns

Microsoft Teams and Quick Assist Exploited in Cyber Attacks

CISA Reaffirms Commitment to Cybersecurity Amid Russian Threats

You may have missed

BYOVD Attacks in Paragon Partition Manager: Zero-Day Exploited Revealed

Phishing Campaign Leverages Havoc Framework for Control of Infected Systems

ICO Investigates TikTok Over Children’s Data Privacy Concerns

Microsoft Teams and Quick Assist Exploited in Cyber Attacks

CISA Reaffirms Commitment to Cybersecurity Amid Russian Threats