CVE-2019-12815 – ProFTPD / ProFTPD – Improper access control

January 7, 2022

CVE-2019-12815 is an improper access control vulnerability impacting ProFTPD file transfer protocol server up to version 1.3.5b. A proof of concept (PoC) was observed in open source.

Summary:

CVE-2019-12815 is an improper access control vulnerability impacting ProFTPD file transfer protocol server up to version 1.3.5b. A proof of concept (PoC) was observed in open source.

PoC Links(if available):

Exploit status link –
http://bugs.proftpd.org/show_bug.cgi?id=4372#c1

Known Counter Measures:

The impacted vendor released patching information for impacted products and corresponding versions. The vendor addressed the vulnerability in updates.

Links to patches(if available)

https://security-tracker.debian.org/tracker/CVE-2019-12815

You may have missed

CISA Logo

CISA: CISA Releases Eight Industrial Control Systems Advisories

April 25, 2024
alerts

Active Exploitation of Vulnerabilities in Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) Products.

April 25, 2024
image

CACTUS Ransomware Victim: https://www[.]ghimli[.]com /

April 25, 2024
hkcert

Cisco Products Multiple Vulnerabilities

April 25, 2024
HIBP Banner 1

T2 – 94,584 breached accounts

April 25, 2024