MidnightBSD

Advisories for southrivertech

CVE-2010-2425 MEDIUM

Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read or delete arbitrary files via "..//" sequences in a COMB command.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
southrivertech titan_ftp_server 8.00
southrivertech titan_ftp_server 2.02.99
southrivertech titan_ftp_server 5.33.381
southrivertech titan_ftp_server 5.05.321
southrivertech titan_ftp_server 2.10.120
southrivertech titan_ftp_server 2.31.152
southrivertech titan_ftp_server 4.11.257
southrivertech titan_ftp_server 5.05.324
southrivertech titan_ftp_server 7.00
southrivertech titan_ftp_server 5.24.352
southrivertech titan_ftp_server 2.40.155
southrivertech titan_ftp_server 1.0.18
southrivertech titan_ftp_server 4.23.266
southrivertech titan_ftp_server 5.12.333
southrivertech titan_ftp_server 4.20.263
southrivertech titan_ftp_server 5.23.351
southrivertech titan_ftp_server 3.02.165
southrivertech titan_ftp_server 4.10.256
southrivertech titan_ftp_server 1.0.23
southrivertech titan_ftp_server 1.0.31
southrivertech titan_ftp_server 6.24.621
southrivertech titan_ftp_server 4.01.246
southrivertech titan_ftp_server 5.20.342
southrivertech titan_ftp_server 3.30.186
southrivertech titan_ftp_server 5.01.306
southrivertech titan_ftp_server 5.05.316
southrivertech titan_ftp_server 5.05.326
southrivertech titan_ftp_server 4.02.248
southrivertech titan_ftp_server 7.12
southrivertech titan_ftp_server 1.0.25
southrivertech titan_ftp_server 6.20.587
southrivertech titan_ftp_server 1.11.34
southrivertech titan_ftp_server 5.05.319
southrivertech titan_ftp_server 5.12.332
southrivertech titan_ftp_server 6.26.630
southrivertech titan_ftp_server 4.13.260
southrivertech titan_ftp_server 5.05.318
southrivertech titan_ftp_server 6.03.537
southrivertech titan_ftp_server 2.10.121
southrivertech titan_ftp_server 5.11.331
southrivertech titan_ftp_server 5.11.330
southrivertech titan_ftp_server 5.02.307
southrivertech titan_ftp_server 5.12.334
southrivertech titan_ftp_server 5.05.322
southrivertech titan_ftp_server 5.25.356
southrivertech titan_ftp_server 3.00.162
southrivertech titan_ftp_server 5.04.314
southrivertech titan_ftp_server 1.0.19
southrivertech titan_ftp_server 6.00.492
southrivertech titan_ftp_server 5.10.329
southrivertech titan_ftp_server 5.05.327
southrivertech titan_ftp_server 5.30.367
southrivertech titan_ftp_server 5.05.317
southrivertech titan_ftp_server 1.0.22
southrivertech titan_ftp_server 5.38.388
southrivertech titan_ftp_server 5.26.361
southrivertech titan_ftp_server 4.31.272
southrivertech titan_ftp_server 5.04.311
southrivertech titan_ftp_server 5.04.312
southrivertech titan_ftp_server 5.04.313
southrivertech titan_ftp_server 5.33.380
southrivertech titan_ftp_server 2.00.95
southrivertech titan_ftp_server 3.10.169
southrivertech titan_ftp_server 6.01.512
southrivertech titan_ftp_server 1.0.28
southrivertech titan_ftp_server 5.12.335
southrivertech titan_ftp_server 5.04.315
southrivertech titan_ftp_server 4.03.249
southrivertech titan_ftp_server 2.20.140
southrivertech titan_ftp_server 2.10.119
southrivertech titan_ftp_server 4.05.252
southrivertech titan_ftp_server 6.04.545
southrivertech titan_ftp_server 4.21.264
southrivertech titan_ftp_server 6.25.622
southrivertech titan_ftp_server 5.03.308
southrivertech titan_ftp_server 7.10
southrivertech titan_ftp_server 4.30.269
southrivertech titan_ftp_server 6.06.555
southrivertech titan_ftp_server 2.11.132
southrivertech titan_ftp_server 1.0.30
southrivertech titan_ftp_server 5.12.336
southrivertech titan_ftp_server 7.01
southrivertech titan_ftp_server 5.10.328
southrivertech titan_ftp_server 6.05.550
southrivertech titan_ftp_server 5.35.385
southrivertech titan_ftp_server 5.03.309
southrivertech titan_ftp_server 5.37.387
southrivertech titan_ftp_server 1.0.24
southrivertech titan_ftp_server 3.21.177
southrivertech titan_ftp_server 3.20.175
southrivertech titan_ftp_server 1.1.33
southrivertech titan_ftp_server 7.02
southrivertech titan_ftp_server 5.05.323
southrivertech titan_ftp_server 1.0.20
southrivertech titan_ftp_server 3.22.178
southrivertech titan_ftp_server 1.0.17
southrivertech titan_ftp_server 2.01.96
southrivertech titan_ftp_server 1.0.26
southrivertech titan_ftp_server 3.01.163
southrivertech titan_ftp_server 3.12.172
southrivertech titan_ftp_server 8.10
southrivertech titan_ftp_server 2.21.142
southrivertech titan_ftp_server 5.05.325
southrivertech titan_ftp_server 6.21.596
southrivertech titan_ftp_server 5.36.386
southrivertech titan_ftp_server 1.0.21
southrivertech titan_ftp_server *
southrivertech titan_ftp_server 4.00.245
southrivertech titan_ftp_server 6.10.560
southrivertech titan_ftp_server 4.14.261
southrivertech titan_ftp_server 2.0.44
southrivertech titan_ftp_server 5.03.310
southrivertech titan_ftp_server 1.0.27
southrivertech titan_ftp_server 2.30.151
southrivertech titan_ftp_server 5.22.350
southrivertech titan_ftp_server 5.39.389
southrivertech titan_ftp_server 4.22.265
southrivertech titan_ftp_server 6.23.616
southrivertech titan_ftp_server 5.00.303
southrivertech titan_ftp_server 5.05.320
southrivertech titan_ftp_server 5.32.376
southrivertech titan_ftp_server 5.21.347
southrivertech titan_ftp_server 5.31.373
southrivertech titan_ftp_server 1.0.29
southrivertech titan_ftp_server 5.27.362
southrivertech titan_ftp_server 8.01
CVE-2010-2426 MEDIUM

Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read arbitrary files, determine file size, via "..//" sequences in the xcrc command.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
southrivertech titan_ftp_server 8.00
southrivertech titan_ftp_server 2.02.99
southrivertech titan_ftp_server 5.33.381
southrivertech titan_ftp_server 5.05.321
southrivertech titan_ftp_server 2.10.120
southrivertech titan_ftp_server 2.31.152
southrivertech titan_ftp_server 4.11.257
southrivertech titan_ftp_server 5.05.324
southrivertech titan_ftp_server 7.00
southrivertech titan_ftp_server 5.24.352
southrivertech titan_ftp_server 2.40.155
southrivertech titan_ftp_server 1.0.18
southrivertech titan_ftp_server 4.23.266
southrivertech titan_ftp_server 5.12.333
southrivertech titan_ftp_server 4.20.263
southrivertech titan_ftp_server 5.23.351
southrivertech titan_ftp_server 3.02.165
southrivertech titan_ftp_server 4.10.256
southrivertech titan_ftp_server 1.0.23
southrivertech titan_ftp_server 1.0.31
southrivertech titan_ftp_server 6.24.621
southrivertech titan_ftp_server 4.01.246
southrivertech titan_ftp_server 5.20.342
southrivertech titan_ftp_server 3.30.186
southrivertech titan_ftp_server 5.01.306
southrivertech titan_ftp_server 5.05.316
southrivertech titan_ftp_server 5.05.326
southrivertech titan_ftp_server 4.02.248
southrivertech titan_ftp_server 7.12
southrivertech titan_ftp_server 1.0.25
southrivertech titan_ftp_server 6.20.587
southrivertech titan_ftp_server 1.11.34
southrivertech titan_ftp_server 5.05.319
southrivertech titan_ftp_server 5.12.332
southrivertech titan_ftp_server 6.26.630
southrivertech titan_ftp_server 4.13.260
southrivertech titan_ftp_server 5.05.318
southrivertech titan_ftp_server 6.03.537
southrivertech titan_ftp_server 2.10.121
southrivertech titan_ftp_server 5.11.331
southrivertech titan_ftp_server 5.11.330
southrivertech titan_ftp_server 5.02.307
southrivertech titan_ftp_server 5.12.334
southrivertech titan_ftp_server 5.05.322
southrivertech titan_ftp_server 5.25.356
southrivertech titan_ftp_server 3.00.162
southrivertech titan_ftp_server 5.04.314
southrivertech titan_ftp_server 1.0.19
southrivertech titan_ftp_server 6.00.492
southrivertech titan_ftp_server 5.10.329
southrivertech titan_ftp_server 5.05.327
southrivertech titan_ftp_server 5.30.367
southrivertech titan_ftp_server 5.05.317
southrivertech titan_ftp_server 1.0.22
southrivertech titan_ftp_server 5.38.388
southrivertech titan_ftp_server 5.26.361
southrivertech titan_ftp_server 4.31.272
southrivertech titan_ftp_server 5.04.311
southrivertech titan_ftp_server 5.04.312
southrivertech titan_ftp_server 5.04.313
southrivertech titan_ftp_server 5.33.380
southrivertech titan_ftp_server 2.00.95
southrivertech titan_ftp_server 3.10.169
southrivertech titan_ftp_server 6.01.512
southrivertech titan_ftp_server 1.0.28
southrivertech titan_ftp_server 5.12.335
southrivertech titan_ftp_server 5.04.315
southrivertech titan_ftp_server 4.03.249
southrivertech titan_ftp_server 2.20.140
southrivertech titan_ftp_server 2.10.119
southrivertech titan_ftp_server 4.05.252
southrivertech titan_ftp_server 6.04.545
southrivertech titan_ftp_server 4.21.264
southrivertech titan_ftp_server 6.25.622
southrivertech titan_ftp_server 5.03.308
southrivertech titan_ftp_server 7.10
southrivertech titan_ftp_server 4.30.269
southrivertech titan_ftp_server 6.06.555
southrivertech titan_ftp_server 2.11.132
southrivertech titan_ftp_server 1.0.30
southrivertech titan_ftp_server 5.12.336
southrivertech titan_ftp_server 7.01
southrivertech titan_ftp_server 5.10.328
southrivertech titan_ftp_server 6.05.550
southrivertech titan_ftp_server 5.35.385
southrivertech titan_ftp_server 5.03.309
southrivertech titan_ftp_server 5.37.387
southrivertech titan_ftp_server 1.0.24
southrivertech titan_ftp_server 3.21.177
southrivertech titan_ftp_server 3.20.175
southrivertech titan_ftp_server 1.1.33
southrivertech titan_ftp_server 7.02
southrivertech titan_ftp_server 5.05.323
southrivertech titan_ftp_server 1.0.20
southrivertech titan_ftp_server 3.22.178
southrivertech titan_ftp_server 1.0.17
southrivertech titan_ftp_server 2.01.96
southrivertech titan_ftp_server 1.0.26
southrivertech titan_ftp_server 3.01.163
southrivertech titan_ftp_server 3.12.172
southrivertech titan_ftp_server 8.10
southrivertech titan_ftp_server 2.21.142
southrivertech titan_ftp_server 5.05.325
southrivertech titan_ftp_server 6.21.596
southrivertech titan_ftp_server 5.36.386
southrivertech titan_ftp_server 1.0.21
southrivertech titan_ftp_server *
southrivertech titan_ftp_server 4.00.245
southrivertech titan_ftp_server 6.10.560
southrivertech titan_ftp_server 4.14.261
southrivertech titan_ftp_server 2.0.44
southrivertech titan_ftp_server 5.03.310
southrivertech titan_ftp_server 1.0.27
southrivertech titan_ftp_server 2.30.151
southrivertech titan_ftp_server 5.22.350
southrivertech titan_ftp_server 5.39.389
southrivertech titan_ftp_server 4.22.265
southrivertech titan_ftp_server 6.23.616
southrivertech titan_ftp_server 5.00.303
southrivertech titan_ftp_server 5.05.320
southrivertech titan_ftp_server 5.32.376
southrivertech titan_ftp_server 5.21.347
southrivertech titan_ftp_server 5.31.373
southrivertech titan_ftp_server 1.0.29
southrivertech titan_ftp_server 5.27.362
southrivertech titan_ftp_server 8.01
CVE-2014-1841 MEDIUM

Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to copy an arbitrary user's home folder via a Move action with a .. (dot dot) in the src parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
southrivertech titan_ftp_server 10.0.1733
southrivertech titan_ftp_server 10.01.1740
southrivertech titan_ftp_server 10.30
southrivertech titan_ftp_server *
CVE-2014-1842 MEDIUM

Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to list all usernames via a Go action with a .. (dot dot) in the search-bar value.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
southrivertech titan_ftp_server 10.0.1733
southrivertech titan_ftp_server 10.01.1740
southrivertech titan_ftp_server 10.30
southrivertech titan_ftp_server *
CVE-2014-1843 MEDIUM

Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to obtain the property information of an arbitrary home folder via a Properties action with a .. (dot dot) in the src parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
southrivertech titan_ftp_server 10.0.1733
southrivertech titan_ftp_server 10.01.1740
southrivertech titan_ftp_server 10.30
southrivertech titan_ftp_server *
CVE-2019-10009 MEDIUM

A Directory Traversal issue was discovered in the Web GUI in Titan FTP Server 2019 Build 3505. When an authenticated user attempts to preview an uploaded file (through PreviewHandler.ashx) by using a \..\..\ technique, arbitrary files can be loaded in the server response outside the root directory.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
southrivertech titan_ftp_server 2019
CVE-2022-34005 HIGH

An issue was discovered in TitanFTP (aka Titan FTP) NextGen before 1.2.1050. There is Remote Code Execution due to a hardcoded password for the sa account on the Microsoft SQL Express 2019 instance installed by default during TitanFTP NextGen installation, aka NX-I674 (sub-issue 1). NOTE: as of 2022-06-21, the 1.2.1050 release corrects this vulnerability in a new installation, but not in an upgrade installation.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-798,

Products Affected

Vendor Product Version
southrivertech titan_ftp_server_nextgen *
CVE-2022-34006 HIGH

An issue was discovered in TitanFTP (aka Titan FTP) NextGen before 1.2.1050. When installing, Microsoft SQL Express 2019 installs by default with an SQL instance running as SYSTEM with BUILTIN\Users as sysadmin, thus enabling unprivileged Windows users to execute commands locally as NT AUTHORITY\SYSTEM, aka NX-I674 (sub-issue 2). NOTE: as of 2022-06-21, the 1.2.1050 release corrects this vulnerability in a new installation, but not in an upgrade installation.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-269,

Products Affected

Vendor Product Version
southrivertech titan_ftp_server_nextgen *
CVE-2022-44215

There is an open redirect vulnerability in Titan FTP server 19.0 and below. Users are redirected to any target URL.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

Products Affected

Vendor Product Version
southrivertech titan_ftp_server *
CVE-2023-22629

An issue was discovered in TitanFTP through 1.94.1205. The move-file function has a path traversal vulnerability in the newPath parameter. An authenticated attacker can upload any file and then move it anywhere on the server's filesystem.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
southrivertech titan_ftp_server *
CVE-2023-27744

An issue was discovered in South River Technologies TitanFTP NextGen server that allows for a vertical privilege escalation leading to remote code execution.

Products Affected

Vendor Product Version
southrivertech titan_ftp_server_nextgen *
CVE-2023-27745

An issue in South River Technologies TitanFTP Before v2.0.1.2102 allows attackers with low-level privileges to perform Administrative actions by sending requests to the user server.

Products Affected

Vendor Product Version
southrivertech titan_ftp_server_nextgen *
CVE-2023-45685

Insufficient path validation when extracting a zip archive in South River Technologies' Titan MFT and Titan SFTP servers on Windows and Linux allows an authenticated attacker to write a file to any location on the filesystem via path traversal

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H 2.3 6.0
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H 2.3 6.0

Products Affected

Vendor Product Version
southrivertech titan_sftp_server *
southrivertech titan_mft_server *
CVE-2023-45686

Insufficient path validation when writing a file via WebDAV in South River Technologies' Titan MFT and Titan SFTP servers on Linux allows an authenticated attacker to write a file to any location on the filesystem via path traversal

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

Products Affected

Vendor Product Version
southrivertech titan_mfp_server *
CVE-2023-45687

A session fixation vulnerability in South River Technologies' Titan MFT and Titan SFTP servers on Linux and Windows allows an attacker to bypass the server's authentication if they can trick an administrator into authorizating a session id of their choosing

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
southrivertech titan_sftp_server *
southrivertech titan_mft_server *
CVE-2023-45688

Lack of sufficient path validation in South River Technologies' Titan MFT and Titan SFTP servers on Linux allows an authenticated attacker to get the size of an arbitrary file on the filesystem using path traversal in the ftp "SIZE" command

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 2.8 1.4

Products Affected

Vendor Product Version
southrivertech titan_sftp_server *
southrivertech titan_mft_server *
CVE-2023-45689

Lack of sufficient path validation in South River Technologies' Titan MFT and Titan SFTP servers on Windows and Linux allows an authenticated attacker with administrative privileges to read any file on the filesystem via path traversal

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N 1.2 5.2

Products Affected

Vendor Product Version
southrivertech titan_sftp_server *
southrivertech titan_mft_server *
CVE-2023-45690

Default file permissions on South River Technologies' Titan MFT and Titan SFTP servers on Linux allows a user that's authentication to the OS to read sensitive files on the filesystem

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.9 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N 1.2 3.6

Products Affected

Vendor Product Version
southrivertech titan_ftp_server *
southrivertech titan_mft_server *
CVE-2024-1192 LOW

A vulnerability was found in South River WebDrive 18.00.5057. It has been declared as problematic. This vulnerability affects unknown code of the component New Secure WebDAV. The manipulation leads to denial of service. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. VDB-252682 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cna@vuldb.com 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L 1.8 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-404,

Products Affected

Vendor Product Version
southrivertech webdrive 18.00.5057