A directory traversal vulnerability exists in ColoradoFTP Server ≤ 1.3 Build 8 for Windows, allowing unauthenticated attackers to read or write arbitrary files outside the configured FTP root directory. The flaw is due to insufficient sanitation of user-supplied file paths in the FTP GET and PUT command handlers. Exploitation is possible by submitting traversal sequences during FTP operations, enabling access to system-sensitive files. This issue affects only the Windows version of ColoradoFTP.
History

Wed, 16 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.00413}


Tue, 15 Jul 2025 14:30:00 +0000


Tue, 15 Jul 2025 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 15 Jul 2025 14:00:00 +0000


Tue, 15 Jul 2025 13:15:00 +0000

Type Values Removed Values Added
Description A directory traversal vulnerability exists in ColoradoFTP Server ≤ 1.3 Build 8 for Windows, allowing unauthenticated attackers to read or write arbitrary files outside the configured FTP root directory. The flaw is due to insufficient sanitation of user-supplied file paths in the FTP GET and PUT command handlers. Exploitation is possible by submitting traversal sequences during FTP operations, enabling access to system-sensitive files. This issue affects only the Windows version of ColoradoFTP.
Title ColoradoFTP Server <= 1.3 Build 8 Path Traversal Information Disclosure
Weaknesses CWE-22
CWE-306
CWE-552
References
Metrics cvssV4_0

{'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published: 2025-07-15T13:01:10.712Z

Updated: 2025-07-15T13:44:56.509Z

Reserved: 2025-04-15T19:15:22.560Z

Link: CVE-2025-34110

cve-icon Vulnrichment

Updated: 2025-07-15T13:44:47.466Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2025-07-15T13:15:30.833

Modified: 2025-07-15T20:07:28.023

Link: CVE-2025-34110

cve-icon Redhat

No data.