Vulnerability
The open-source FTP server program ProFTPd was exposed to an unauthorized file copying vulnerability, which is caused by the mod_copy module in ProFTPd. The mod_copy module of ProFTPd was originally used for file copy operations, but in the vulnerable version, the relevant command operations of the mod_copy module did not set access authorization verification, resulting in any client being able to copy any file in the system through a specific command.
Impact:
Attackers can use this vulnerability to obtain system-sensitive files, obtain server permissions, and so on.
Mitigation / Precaution
In order to patch this vulnerability, we suggest you update ProFTPd to the latest version.
Written by
Experience the Beagle Security platform
Unlock one full penetration test and all Advanced plan features free for 10 days
