CVE-2019-12815 – ProFTPD / ProFTPD – Improper access control

CVE-2019-12815 is an improper access control vulnerability impacting ProFTPD file transfer protocol server up to version 1.3.5b. A proof of concept (PoC) was observed in open source.

Summary:

CVE-2019-12815 is an improper access control vulnerability impacting ProFTPD file transfer protocol server up to version 1.3.5b. A proof of concept (PoC) was observed in open source.

PoC Links(if available):

Exploit status link –
http://bugs.proftpd.org/show_bug.cgi?id=4372#c1

Known Counter Measures:

The impacted vendor released patching information for impacted products and corresponding versions. The vendor addressed the vulnerability in updates.

Links to patches(if available)

https://security-tracker.debian.org/tracker/CVE-2019-12815