Directory traversal vulnerability in WinFrigate Frigate 3 FTP client 3.36 and earlier allows remote FTP servers to overwrite arbitrary files via a "..\" (dot dot backslash) in a filename.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| winfrigate | frigate_3 | 3.25 |
| winfrigate | frigate_3 | 3.31 |
| winfrigate | frigate_3 | 3.33 |
| winfrigate | frigate_3 | 3.35 |
| winfrigate | frigate_3 | 3.26 |
| winfrigate | frigate_3 | 3.27 |
| winfrigate | frigate_3 | 3.20 |
| winfrigate | frigate_3 | 3.28 |
| winfrigate | frigate_3 | 3.21 |
| winfrigate | frigate_3 | 3.29 |
| winfrigate | frigate_3 | 3.24 |
| winfrigate | frigate_3 | 3.18 |
| winfrigate | frigate_3 | 3.32 |
| winfrigate | frigate_3 | 3.30 |
| winfrigate | frigate_3 | * |
| winfrigate | frigate_3 | 3.23 |
| winfrigate | frigate_3 | 3.17 |
| winfrigate | frigate_3 | 3.34 |
| winfrigate | frigate_3 | 3.19 |
| winfrigate | frigate_3 | 3.22 |