CVE-2019-12815 – ProFTPD / ProFTPD – Improper access control

January 7, 2022

CVE-2019-12815 is an improper access control vulnerability impacting ProFTPD file transfer protocol server up to version 1.3.5b. A proof of concept (PoC) was observed in open source.

Summary:

CVE-2019-12815 is an improper access control vulnerability impacting ProFTPD file transfer protocol server up to version 1.3.5b. A proof of concept (PoC) was observed in open source.

PoC Links(if available):

Exploit status link –
http://bugs.proftpd.org/show_bug.cgi?id=4372#c1

Known Counter Measures:

The impacted vendor released patching information for impacted products and corresponding versions. The vendor addressed the vulnerability in updates.

Links to patches(if available)

https://security-tracker.debian.org/tracker/CVE-2019-12815

You may have missed

alerts

Active Exploitation of Vulnerabilities in Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) Products.

April 25, 2024
image

CACTUS Ransomware Victim: https://www[.]ghimli[.]com /

April 25, 2024
hkcert

Cisco Products Multiple Vulnerabilities

April 25, 2024
HIBP Banner 1

T2 – 94,584 breached accounts

April 25, 2024
CISA Logo

CISA: CISA Releases Three Industrial Control Systems Advisories

April 25, 2024